Situation: We now have many users working remotely that don’t need resources on the private network – everything they need is cloud based. Therefore they have no need to make a VPN connection to do their work. The Windows 10 AD-member PC ends up…

Good Morning, A newbie question - in these days of increase remote access to HQ, what is the best VPN service (or combination of) protocol to for staff remote access back to the office from their business laptops. Appreciate it's very much a 'it depends…

Hi, I have one question: a SG 430 9.705-3 is connected to multiple other SGs via IPSec. Today I just put in a new Network in the tunnel config of lets say HQ to Site A The tunnel came up again but was extremely unstable - high packet loss - in…

Hi folks! We have a site-to-site VPN via IPSec between an SG210 (600/40MBit) and an SG105 (70/25MBit) (both 9.705-3). If I enable IPS UDP Flood Protection (SMB-)traffic through the tunnel drops to about 270 kB/s, if disable it's about good 3,5 / 2…

Hi How can I find which version of StrongSwan the current Sophos UTM is using? We have an issue with a Site-to-Site VPN connection and the counterparty is asking for it. thanks and best simon

Hi There, First of all the Windows Server is not part of a domain it's just in a workgroup and had no domain name associated with it. The Sophos UTM9 is at 192.168.16.1 on the internal network, the UTM is providing DHCP, all 192.168.16.xxx numbers…

Hi, Can anyone advise me as to why I cannot select the UTM's DHCP to assign addresses? I know there is probably some reason? But I have read through so many post, but none have answered this directly. Regards D

Hi guys , I have implemented an IPsec VPN between an SG230 v2 appliance and a SG115 v3 appliance. RDP and HTTP protocol are a little bit slower, outside the VPN they are much faster I'm using 3DES policy, do you suggest a policy change? I also have…

Hi there, i currently have several IPSec site-to-site connections running on my Sophos UTM. Recently we received the request to add many more and I do not want the UTM do all the work. So my idea was that I could assign an additional IP address…

Hi all, hope you can help me, because i investierte some time in the configuration without solving the issue. Whats the problem? i must reach a specific external IP-Address from SIDE-A over the IPSec-VPN with the static-IP from SIDE-B <SIDE-A…

Good morning, I have a number of sites using Site-to-Site IPSEC tunnels, that terminate with my Sophos XG. I'd like to start sending the clients Internet Access through the tunnel, but am unsure what the best procedure is with UTM->XG S2S tunnels. …

Hello. I have a "simple" issue: i need to build two ipsec tunnels in which the destination is the same subnet, so my question is about the route precedence in case i make a more narrow tunnel(or even a host tunnel) on one side to solve this. for…

Hello together, we have had a strange behavior in the IPsec Site2Site VPN for some time. Among other VPN connections there is one VPN with a local network on our side and on the other side are three remote networks. Nothing special. The VPN is authenticated…

Hi all, I'm new to Sophos UTM 9 in still in the learning curve. I have replaced my Forefront TMG VM with an UTM 9 VM on HyperV. I have configured the UTM 9 to publish my Exchange 2016 environment and that all works like a charm. OWA is redirected, mail…

Hi, I'm facing problems on several newer Lenovo L570 laptops (containing "Fibocom L831-EAU" mobile broadband modems) when trying to use the Sophos IPSec client. The notebooks run fully patched (OS and drivers) Win10 64bit systems (1709), but the problem…

Hi, I was asked to configure Sophos UTM for VPN usage with OTP and IPAD . Someone successfull with this Task? Which VPN-type is usable? I need some hints how to accomplish this.

Previously had an IPSec VPN working between these two devices, after changing WAN address of the UTM pair, will not re-establish the link. PSK has not changed and I can see attempts on port 500 reaching us, but they reportedly can't see us trying to reach…

Hi Guys I'd be appreciate if someone help me with this crazy (yet should be well easy) IPSec Tunnel between two FWs. I followed this dude's vlog, but i got no luck yet.. This is what I see from IPSEC VPN* log from Webadmin portal of UTM9 ... …

Is there any problem with installing the Sophos IPSec client (11.x) and the Sophos UTM SSL VPN client on the same computer? Is there any conflict between the two clients? Only plan to make a connection with one client at a time. I just wanted to know…

Hello guys I got an strange issue. I needed a long time to complete a configuration between my Sophos UTM9 and my ShrewSoft Client to bring up a tunnel with an X509 certificate. A preshared key is unwanted. Now this is completed with 99%. The problem…

Hi, I have successfully implemented an IPSec VPN between a Cisco 887 and an SG210, however, this is just by IP. When I try to set up this VPN using hostnames, the whole thing crashes. Our situation is that the external IP on our UTM will be…

Hello, I have an issue related to ipsec. Definitely IPSec was not disconnected, but client which was located in BO can't access the server which was located in HO via IPSEC tunnel. PING reached a destination server correctly when client was not able…

Hey Everyone, I have an IPsec tunnel connecting multiple offices together and was wondering if someone could guide me to a better solution possibly? My Question is that I am having data being transferred between the different sites continuously…

Hi I am a little stumped about how to create alternative routes for a group of IP addresses, that are reachable through two ways: 1. They are host IPs defined in an IPSEC VPN, setup on the Sophos UTM 9, 2. They are available through a route on a…

Hi i would like to parse all site to site vpn errors. there for i need to event name of possiable site to site errors by sophos. for example "vpn phase 1 negotiation failed" like this where can i find all of posseible error list. thanks