• Always on VPN with Sophos UTM SG330?

    KrisJacobs
    KrisJacobs
    Situation: We now have many users working remotely that don’t need resources on the private network – everything they need is cloud based. Therefore they have no need to make a VPN connection to do their work. The Windows 10 AD-member PC ends up…
    • over 3 years ago
    • UTM Firewall
    • VPN: Site to Site and Remote Access
  • Remote VPN access - best Practice for increase number remote staff access HQ network shares and services

    Frederick Mar
    Frederick Mar
    Good Morning, A newbie question - in these days of increase remote access to HQ, what is the best VPN service (or combination of) protocol to for staff remote access back to the office from their business laptops. Appreciate it's very much a 'it depends…
    • Answered
    • over 4 years ago
    • UTM Firewall
    • VPN: Site to Site and Remote Access
  • IPSec Tunnel: length of ISAKMP Message is smaller than minimum

    LHerzog
    LHerzog
    Hi, I have one question: a SG 430 9.705-3 is connected to multiple other SGs via IPSec. Today I just put in a new Network in the tunnel config of lets say HQ to Site A The tunnel came up again but was extremely unstable - high packet loss - in…
    • over 4 years ago
    • UTM Firewall
    • VPN: Site to Site and Remote Access
  • IPSEC site-to-site perfomance spoiled by IPS (UDP Flood), exception not working

    Reintke
    Reintke
    Hi folks! We have a site-to-site VPN via IPSec between an SG210 (600/40MBit) and an SG105 (70/25MBit) (both 9.705-3). If I enable IPS UDP Flood Protection (SMB-)traffic through the tunnel drops to about 270 kB/s, if disable it's about good 3,5 / 2…
    • Answered
    • over 4 years ago
    • UTM Firewall
    • VPN: Site to Site and Remote Access
  • Version of StrongSwan

    SimonKeel
    SimonKeel
    Hi How can I find which version of StrongSwan the current Sophos UTM is using? We have an issue with a Site-to-Site VPN connection and the counterparty is asking for it. thanks and best simon
    • Answered
    • over 4 years ago
    • UTM Firewall
    • VPN: Site to Site and Remote Access
  • How do I connect to a Sophos UTM9 SG210 that sits behind a Comcast Business Gateway?

    nnhood
    nnhood
    Hi There, First of all the Windows Server is not part of a domain it's just in a workgroup and had no domain name associated with it. The Sophos UTM9 is at 192.168.16.1 on the internal network, the UTM is providing DHCP, all 192.168.16.xxx numbers…
    • over 6 years ago
    • UTM Firewall
    • VPN: Site to Site and Remote Access
  • Home user need some advice. UTM DHCP and VPN

    drifting
    drifting
    Hi, Can anyone advise me as to why I cannot select the UTM's DHCP to assign addresses? I know there is probably some reason? But I have read through so many post, but none have answered this directly. Regards D
    • over 6 years ago
    • UTM Firewall
    • General Discussion
  • IPsec VPN: best policy for encryption?

    m.novelli
    m.novelli
    Hi guys , I have implemented an IPsec VPN between an SG230 v2 appliance and a SG115 v3 appliance. RDP and HTTP protocol are a little bit slower, outside the VPN they are much faster I'm using 3DES policy, do you suggest a policy change? I also have…
    • over 6 years ago
    • UTM Firewall
    • General Discussion
  • Bypassing some of the IPSec traffic

    Thomas Schachtner
    Thomas Schachtner
    Hi there, i currently have several IPSec site-to-site connections running on my Sophos UTM. Recently we received the request to add many more and I do not want the UTM do all the work. So my idea was that I could assign an additional IP address…
    • over 6 years ago
    • UTM Firewall
    • General Discussion
  • Route specific external IP-Address (Backend) on SIDE-A over IPSec-VPN and reach it with the Static-IP from SIDE-B

    Adolar
    Adolar
    Hi all, hope you can help me, because i investierte some time in the configuration without solving the issue. Whats the problem? i must reach a specific external IP-Address from SIDE-A over the IPSec-VPN with the static-IP from SIDE-B <SIDE-A…
    • over 6 years ago
    • UTM Firewall
    • VPN: Site to Site and Remote Access
  • Internet Access through Site-to-Site IPSEC Tunnel

    Eric DeStefano
    Eric DeStefano
    Good morning, I have a number of sites using Site-to-Site IPSEC tunnels, that terminate with my Sophos XG. I'd like to start sending the clients Internet Access through the tunnel, but am unsure what the best procedure is with UTM->XG S2S tunnels. …
    • Answered
    • over 6 years ago
    • UTM Firewall
    • VPN: Site to Site and Remote Access
  • ipsec subnet route precedence

    Mast_01
    Mast_01
    Hello. I have a "simple" issue: i need to build two ipsec tunnels in which the destination is the same subnet, so my question is about the route precedence in case i make a more narrow tunnel(or even a host tunnel) on one side to solve this. for…
    • over 6 years ago
    • UTM Firewall
    • VPN: Site to Site and Remote Access
  • VPN Problem

    Ster Linga
    Ster Linga
    Hello together, we have had a strange behavior in the IPsec Site2Site VPN for some time. Among other VPN connections there is one VPN with a local network on our side and on the other side are three remote networks. Nothing special. The VPN is authenticated…
    • over 6 years ago
    • UTM Firewall
    • General Discussion
  • VPN Access from external network not working on UTM 9 VM

    Edward Voermans
    Edward Voermans
    Hi all, I'm new to Sophos UTM 9 in still in the learning curve. I have replaced my Forefront TMG VM with an UTM 9 VM on HyperV. I have configured the UTM 9 to publish my Exchange 2016 environment and that all works like a charm. OWA is redirected, mail…
    • over 6 years ago
    • UTM Firewall
    • VPN: Site to Site and Remote Access
  • Sophos IPSec client on Lenovo L570 with Fibocom L831-EAU LTE modem doesn't work over mobile, but works over LAN/WiFi

    Team Software
    Team Software
    Hi, I'm facing problems on several newer Lenovo L570 laptops (containing "Fibocom L831-EAU" mobile broadband modems) when trying to use the Sophos IPSec client. The notebooks run fully patched (OS and drivers) Win10 64bit systems (1709), but the problem…
    • over 6 years ago
    • UTM Firewall
    • VPN: Site to Site and Remote Access
  • Need VPN for IOS with OTP

    dirkkotte
    dirkkotte
    Hi, I was asked to configure Sophos UTM for VPN usage with OTP and IPAD . Someone successfull with this Task? Which VPN-type is usable? I need some hints how to accomplish this.
    • over 6 years ago
    • UTM Firewall
    • VPN: Site to Site and Remote Access
  • Can't get IPSec Phase 1 to a Cisco ASA. Have previously, but no longer working after WAN IP change.

    ThatGuy
    ThatGuy
    Previously had an IPSec VPN working between these two devices, after changing WAN address of the UTM pair, will not re-establish the link. PSK has not changed and I can see attempts on port 500 reaching us, but they reportedly can't see us trying to reach…
    • over 6 years ago
    • UTM Firewall
    • VPN: Site to Site and Remote Access
  • IPSec Tunnel between UTM 9 and Pfsense 2.4.1

    ciwan
    ciwan
    Hi Guys I'd be appreciate if someone help me with this crazy (yet should be well easy) IPSec Tunnel between two FWs. I followed this dude's vlog, but i got no luck yet.. This is what I see from IPSEC VPN* log from Webadmin portal of UTM9 ... …
    • over 7 years ago
    • UTM Firewall
    • VPN: Site to Site and Remote Access
  • Can the Sophos IPSec client and Sophos UTM SSL client be installed on the same computer?

    JBooks
    JBooks
    Is there any problem with installing the Sophos IPSec client (11.x) and the Sophos UTM SSL VPN client on the same computer? Is there any conflict between the two clients? Only plan to make a connection with one client at a time. I just wanted to know…
    • Answered
    • over 7 years ago
    • UTM Firewall
    • VPN: Site to Site and Remote Access
  • Why Shrewsoft Tunnel to UTM9 does not complete?

    JT_1234
    JT_1234
    Hello guys I got an strange issue. I needed a long time to complete a configuration between my Sophos UTM9 and my ShrewSoft Client to bring up a tunnel with an X509 certificate. A preshared key is unwanted. Now this is completed with 99%. The problem…
    • over 7 years ago
    • UTM Firewall
    • General Discussion
  • IPSec VPN to Cisco 887 Using Hostnames

    Harry Stout
    Harry Stout
    Hi, I have successfully implemented an IPSec VPN between a Cisco 887 and an SG210, however, this is just by IP. When I try to set up this VPN using hostnames, the whole thing crashes. Our situation is that the external IP on our UTM will be…
    • over 7 years ago
    • UTM Firewall
    • General Discussion
  • Client can't access the server via ipsec vpn even though ipsec is connected.

    YujinWon
    YujinWon
    Hello, I have an issue related to ipsec. Definitely IPSec was not disconnected, but client which was located in BO can't access the server which was located in HO via IPSEC tunnel. PING reached a destination server correctly when client was not able…
    • over 7 years ago
    • UTM Firewall
    • General Discussion
  • IPsec Tunnel

    SecretSquirrel__
    SecretSquirrel__
    Hey Everyone, I have an IPsec tunnel connecting multiple offices together and was wondering if someone could guide me to a better solution possibly? My Question is that I am having data being transferred between the different sites continuously…
    • over 7 years ago
    • UTM Firewall
    • VPN: Site to Site and Remote Access
  • How to make Destination IPs, which are both IPSec VPN hosts and available through fibre connections alternative routes?

    SinaOwolabi1
    SinaOwolabi1
    Hi I am a little stumped about how to create alternative routes for a group of IP addresses, that are reachable through two ways: 1. They are host IPs defined in an IPSEC VPN, setup on the Sophos UTM 9, 2. They are available through a route on a…
    • over 7 years ago
    • UTM Firewall
    • VPN: Site to Site and Remote Access
  • IPSec VPN log monitoring

    kara kutu
    kara kutu
    Hi i would like to parse all site to site vpn errors. there for i need to event name of possiable site to site errors by sophos. for example "vpn phase 1 negotiation failed" like this where can i find all of posseible error list. thanks
    • over 7 years ago
    • UTM Firewall
    • VPN: Site to Site and Remote Access
<>