Browse By Tags

  • Disconnection Ipsec with fritz

    After update to my xg firewall to v20 ipsec is become unstable. Randomly disconnection. openvpn client work without issue only ipsec have problem Some info: this setup worked for 2 year without a problem (another bug on v19 but fixed). Sophos firewall…
  • VPN global setting not applying changes

    Hi, i recently just updated the frimware to the latest 20.0 ver. Problem now i cant save the new ip range in the vpn global setting. As theres and know issue of the range thats need to correct from .5 to .0 after update. Only 2 firewalls seem to be having…
  • SOLVED: Sophos Connect broken after Windows Update 2024-08 - Service not available

    Hello community, since installation of Windows Updates - "KB5041580" ( https://support.microsoft.com/en-us/topic/august-13-2024-kb5041580-os-builds-19044-4780-and-19045-4780-2ef55b0d-bb01-41c8-8629-4146929792ad ) on Windows 10 22H2 and - "KB5041585…
  • Remote IPSEC VPN Disconnections

    Hello Sophos Community, Is there any documentation or procedure to troubleshoot end user disconnection from our remote access IPsec VPN? I have been looking on how to look at the firewall logs but I couldn't finds anything usefull.
  • IKEv1 PSK with same Gateways

    Hello @all, it is known that with IKEv1 on SFOS a new PSK overwrites all others PSKs if the gateways do not differ in the connections. Sadly I can not use IKEv2. Is it sufficient if just the local ID is different in connections and the remote ID is ANY…
  • SD RED 20 wifi module registers on wrong firewall

    Hi there, I've got a SD RED 20 with integrated wifi module, which was connected to a Firewall in Germany before. I set up a new RED config and shipped the Box to our branch in the USA. The Firewalls in USA and Germany are connected through IPSEC-Tunnel…
  • IPSEC down/up e-mail notification every 30 minutes

    Good morning. I have several XG/XGS of different clients configured with IPSEC against the same central, this central uses a CISCO firewall (we do not manage it). The problem we have is that every 30 minutes we receive an email from all the XG/XGS indicating…
  • VPN config broken, no server_dn is NULL in SQL after restore

    I had to restore my firewall from a backup, and now I can't download SSL VPN config from the portal anymore. Checking the log I get the following error: /home/jenkins/root/workspace/OmC/CI_64/build_dir/target-x86_64_glibc/vpnportal-1/internal/vpndownload…
  • VPN

    Ola boa noite, tenho 2 firewall configurado em Tunel RED,Dentro da rede consigo enchergar a rede do outro Firewall , mais quando estou em rede externa, e uso a VPN Sophos connect client, so consigo ping em uma rede, nao consigo da outra, quero acessar…
  • Policy Mis-Match Error on Sophos VPN Client.

    Hello, we are using Sohpos XG virtual firewall to connect VPN, it was working fine till few days before. Now on connecting we are observing error which states that "Policy mismatch error. Import a new policy for this connection." Please note that applied…
  • XGS4500 (SFOS 20.0.2 MR-2-Build378) after Firmware update from 20GA to MR2 stays dead

    Hello Sophos Community, we just updated two XGS4500 (in HA) to 20 MR2 and now the SSLVPN stays dead: After checking the admin interfance I logged into the shell: I used the command: service sslvpn:restart -ds nosync 503 Service Failed We don't…
  • XGS3300 MFA for SSL VPN

    Hey, is there a possibility to set up MFA for SSL VPN on the XGS 3300? Maybe even a SAML authentication with the MS authenticator? Can't find any infos on that in the documentation, neither can i find an optiuon the the admin panel. Can anyone…
  • SFOS 20.0.2 SSL VPN connection problem only on work laptop

    Hey everyone, I was recently given a SG115 firewall to mess around with and installed SFOS on it. While learning how to use it I've setup an SSL VPN connection that works on every computer except for my work laptop, which oddly enough is able to connect…
  • Multiple Gateways in Branch Office

    Hi, What is the proper way to connect a branch having multiple internet gateways but the head office has only one gateway? The branch office WAN1 interface has a Real IP but WAN2 uses DDNS with a dynamic IP. Should the branch office have a failover…
  • Route aus VPN wieder zurück auf das LAN ändern

    Hallo, ich hatte den Datenverkehr zum Sophos-Support (eu2.apu.sophos.com) durch einen Site-to-Site SSL VPN Tunnel zu einer anderen Sophos geschickt, da der Zugang dierekt über WAN gesperrt war. Nun sollte dieser Zugang über WAN freigeschaltet sein.…
  • Yellow Icon under IPSec Status

    Hi, One of my IPsec tunnels shows a yellow icon under the status but when I click on the connection details, all subnet connections show green. Any Suggestions?
  • Sophos Connect options (Provisionig file)

    Hi team, is it possible with Sophos Openconnect to only execute the Logon Script after successful vpn connection (using the .pro file)? Or is it also possible to run any custom script or command? I read the articles and if I did understand correct…
  • Site-to-Site VPNs and VLANS

    Hi, We've run a flat lan for years at our main location. We've recently updated our network and added a few new VLANS to the mix. Now I have a problem. We have several Site-to-Site VPNs up and running that work great with our original VLAN1. However…
  • User unable to connect to VPN - Child SA Error (Unsupported IP Version)

    I've seen this question asked multiple times but we can't figure out what the issue is other than a problem with his physical laptop which doesn't make sense. Things to note: Their credentials work on my machine (so its not an authentication issue…
  • Remote Access IPSEC - tunnel connects but unable to access any devices

    I have configured Remote Access VPN - IPSEC and I am able to establish a connection via the Sophos Connect app. However, I am unable to talk to any LAN devices connected to the Sophos XG 125W. Here are my configuration settings: 1. Remote Client…
  • Sophos Connect Provisioning File Userauthentification error

    Hello, we build a Sophos Connect Provisioning File for our XGS 3300 on FW 20MR1. We have the following Problem. If the Users "starts" the provisioning File and Enter his Credentials for log in, he gets an UserAuthentification error - with the Correct…
  • Implementation of provisioning + OTP in Sophos Connect client

    Hi there, I´m refering to this thread: Unsatisfactory implementation of provisioning + OTP in Sophos Connect client Is it still not possible to SETUP OTP during first Sophos Connect Login? Is it still necessary to have all users connecting to…
  • Established sSite to Site SSL VPN, Voip phones only working partially

    Hello - I have an XGS 2100 at HQ. We were using a RED device to connect the branch office Phone and LAN traffic via VPN to the HQ PBX/LAN and everything worked fine. Given the rollout of the latest OS, the RED is no longer compatible, so we are attempting…
  • Verbindung RED zur Sophos XG - welche Ports

    Hallo, leider finde ich in den Doku keine eindeutige Beschreibung. Wenn ich zu einer Sophos hinter einer Firewall eine RED verbinden möchte: Welche Ports braucht die Sophos nach außen? Benötigt die Sophos Port-Weiterleitungen (Erreichbarkeit aus…
  • Using SG Firewall as a RED device

    Hello, can you continue to use the SGs at the secondary locations as RED devices with an XGS or should you switch to an SD-RED 20 or SD-RED 60? Thank you very much