• Using Active Directory Goups for IPSec Connect Client VPN

    David Lorenz
    David Lorenz
    Hello Community, we use Sophos IPSec VPN with Active Directory authentication. All our VPN-Users are member of the Active Directory group "AAIC-VPN". We can use this group in fw rules: But we can not use this rule in the vpn settings: I…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos Firewall IPSec Remote Connection with IKEv2

    David Lorenz
    David Lorenz
    Hello Community, the default policy for IPSec (Connect Client) VPN use IKEv1. Is it possible to build a new profile with IKEv2? What should I configure that its secure and works well? I hope someone have a best practice for me. Thank you…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • using sslvpn client on local network

    Sylvain Dubert
    Sylvain Dubert
    Hello, I am looking for a solution to use an sslvpn (ipsec) connection on the local network, the goal is to restrict access to certain resources. I tried to modify the SCX file by putting the LAN address of the sophos but still impossible to connect …
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • VPN does not allow more than one user to be connected

    Jonathan Nali
    Jonathan Nali
    Hi Everyone, I have an interesting issue. One of our branch offices uses an LTE router to connect to the internet and then VPN to connect to HQ. The problem is that when one person connects to VPN, the one that was connected before gets disconnected…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Two L2TP clients one internet connection

    Charles Dickerson1
    Charles Dickerson1
    Sophos XGS116 running 18.5.3 MR3 I have a client that has taken two of their office laptops home. Both laptops are setup with L2TP VPN. She wants both laptops to VPN into the firewall at the same time from her home internet connection. When one laptop…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • V19 - Some websites no longer work via VPN

    M8ey
    M8ey
    Hey guys I have a very odd issue. Loaded V19 last night to my XG450 - all loaded fine and seems OK today - until the Remote users started raising tickets that some sites wouldn't load. I cant work out why... - They loaded before V19 - the…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos Connect / SCCLI - retaining usernames and passwords?

    Nez_Pottage
    Nez_Pottage
    Using the SCCLI for Sophos Connect on a mac (possibly on windows too but not tested yet), when updating changes to a profile by first adding a revised scx file, and then updating the connection in the engine, ( NOT using the "clear credentials" option…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • BUG: Sophos Connect cannot connect when using spaces in password

    eclipse79
    eclipse79
    Hello I found a bug in Sophos Connect. How to reproduce 1. Create a local user 2. Set a password with space chars (such as Telefono .1) 3. Try to connect using Sophos Connect Authentication will fail. Please notice that: 1. Authentication…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • V19 & Custom policy support for IPSEC Remote Access

    Ant-P
    Ant-P
    We're currently on v18.5.3 and have approx 70 users with IPSEC Remote Access. One of the big improvements for us in v19 is the Custom IPSEC RA policy, and the adjustment of re-key times. After we upgrade to v19; Will all current IPSEC Remote Access…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • IPSEC Remote Access .scx file invalid

    Craig Glaser
    Craig Glaser
    I'm trying to configure an IPSEC remote access VPN. When I download and extract the configuration archive, the .tgb file appear to be valid, but the .sck file only contains the following: cannot open file /tmp/root_cert.txt at /scripts/vpn/ipsec/generateJSONVPNClientConf…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • SAML Integration for Sophos Connect

    Jason Bristow
    Jason Bristow
    Will SAML integration be available for Sophos Connect authentication in the future?
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Can these VPN Settings be changed w/o requiring new OPVN files?

    Yogi_Bear_79
    Yogi_Bear_79
    We've recently implemented 2FA, and have had a few issues. It seems some of our clients are timing out, and then trying to auto-reconnect w/o user intervention. I'd like to max out the idle peer setting at a minimum. This will alleviate a few issues with…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Android 12 removed support of IPSec Xauth and L2TP

    Optus
    Optus
    Hello, as mentioned in the subject, in android 12 both IPsec Xauth and L2TP were removed completly. The only available authentication types of the android vpn built-in client are: IKEv2/IPsec MSCHAPv2 IKEv2/IPSec PSK IKEv2/IPSec RSA Are any of…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG auto import ipsec and sslvpn provisioning.pro file

    Sven_B
    Sven_B
    XG550 (SFOS 18.5.3 MR-3-Build408) sophos connect client “2.1.20.0309 Hello Forum, hope someone can help. we are currently rolling out the sophos connect client over provisioning.pro file and allow our users SSLVPN and IPsec ( 500 User) After we…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • SOPHOS CONNECT , LOST ACCESS TO SHARED FOLDERS

    Paola Vazquez
    Paola Vazquez
    Hi team Currently I have a IPSec Remote with Sophos Connect, nevertheless , when I try connect with mi local shared folders I cant do it, because the peticion is by WAN. The are my rules
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos connect using provisioning file for multiple gateways

    Dev Pineni
    Dev Pineni
    Hi, I have configured the Connect Client with the following config[ { "display_name": "XG_SSL-VPN", "gateway_order": "in_order", "gateway": [ "xg1.some.company.com", "xg2.some.other.com", "xg3.yet.another.com" ], "user_portal_port": xxx, "otp": false…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG230 | L2TP-Error

    Diakonie Sachsen
    Diakonie Sachsen
    Hi everyone Error Description: Firewall: Sophos XG230 cluster Firmware: SFOS 18.5.3 MR-3-Build408 VPN: L2TP (currently with psk) | AES256 & SHA2 256 (1 & 2) / DH14 (1) / ECP256 (2) We use Windows' built-in VPN via L2TP/IPsec via our UTM…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos Connect Provisioning File

    Ajay Sharma1
    Ajay Sharma1
    Hello Members, We have Sophos XG330 with 18.5.3 MR3 and are using Sophos Connect (IPSec Remote Access) for our remote / WFH users. We tried to use Provisioning File to import VPN configuration. We are getting failed to login error. In firewall logs…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos Connect SSL VPN Special Character

    Thomas_Braun
    Thomas_Braun
    That can´t be true! We are using VPN SSL and of course all Users using normal password policy including SPECIAL Characters such as "#,$,%, [Space]. Authentication through ADS. With the old Sophos SSL VPN Client it works but NOT with the "New" Sophos…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • l2TP vpn on XGS firewall

    Jawad Al-Ajlouni
    Jawad Al-Ajlouni
    Hi, I would like to deploy L2TP VPN on large number of PC's as you know the configuration is time consuming on the client PC. is there a way to automate the process. if no, can I use intune to automatically push the profiles and network configuration…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos Connect client not running login scripts

    Colin Myers
    Colin Myers
    Hi All, This post was never resolved but I have the same issue: https://community.sophos.com/sophos-xg-firewall/f/discussions/126137/sophos-connect-client---logon-script-not-working The log file shows the user script is found and executed but nothing…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Connect client advanced settings reset itself

    PeteH
    PeteH
    Has anyone seen this behaviour? Sophos XG135. v18.5.2 MR2. Been running Connect client VPN for 5-6 months fine. At about 10 this morning started getting calls from users saying VPN was not connecting. Looked on the firewall IPSEC config and in the…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos Connect IPSec Client Routing

    Hugh D
    Hugh D
    Good Afternoon, I have a number of PCs that connect to my XG firewall using Sophos Connect IPSec. They can access all the internal resources that I have allowed by way of firewall rules, however no matter what I try, I seem to not be able to configure…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • go to internet via l2tp vpn

    Rene Pall
    Rene Pall
    hi folks, i have create a l2tp vpn on a sophos xg115 , the ip range works, i can connect to the vpn but when i connect i could not use the "normal" internet. ill get the ip, then the dns and wins server but no gateway. in the roulset i have also…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Migrating from Sophos SSL VPN Client to Sophos Connect v2

    Luca Layher
    Luca Layher
    Hello all, we have to migrate from the "old" Sophos SSL VPN Client to the new Sophos Connect v2 Client. We would like to deploy the Connect v2 via Software Deployment (Desktop Management System). Providing the msi with parameters isnt the problem. …
    • over 2 years ago
    • Sophos Firewall
    • Discussions
<>