Hi all, AP configuration works. I am able to remove & add the AP's. AP's are recognized and shown as active. I can see the traffic between AP & XGS Port 2712. Traffic to port 8472 from firewall to AP is not answered, but i see packets from AP to APIPA…

Hi there, I am using a Sophos XG 115 firewall. Yesterday the VPN stopped functioning after I installed the most recent firmware version MR-2-Build378 (20.0.2), and the VPN menu vanished from the user interface. I am able to download the Sophos Connect…

Hi all, when we try to add or change a configuration on the IPsec settings page on our XG/XGS Firewalls we always have to wait for about 2 minutes for the site to load and for it to be usable. The web browser shows the message "This page is slowing…

After update to my xg firewall to v20 ipsec is become unstable. Randomly disconnection. openvpn client work without issue only ipsec have problem Some info: this setup worked for 2 year without a problem (another bug on v19 but fixed). Sophos firewall…

Hi, i recently just updated the frimware to the latest 20.0 ver. Problem now i cant save the new ip range in the vpn global setting. As theres and know issue of the range thats need to correct from .5 to .0 after update. Only 2 firewalls seem to be having…

Hello community, since installation of Windows Updates - "KB5041580" ( https://support.microsoft.com/en-us/topic/august-13-2024-kb5041580-os-builds-19044-4780-and-19045-4780-2ef55b0d-bb01-41c8-8629-4146929792ad ) on Windows 10 22H2 and - "KB5041585…

Hello Sophos Community, Is there any documentation or procedure to troubleshoot end user disconnection from our remote access IPsec VPN? I have been looking on how to look at the firewall logs but I couldn't finds anything usefull.

Hello @all, it is known that with IKEv1 on SFOS a new PSK overwrites all others PSKs if the gateways do not differ in the connections. Sadly I can not use IKEv2. Is it sufficient if just the local ID is different in connections and the remote ID is ANY…

Hi there, I've got a SD RED 20 with integrated wifi module, which was connected to a Firewall in Germany before. I set up a new RED config and shipped the Box to our branch in the USA. The Firewalls in USA and Germany are connected through IPSEC-Tunnel…

Good morning. I have several XG/XGS of different clients configured with IPSEC against the same central, this central uses a CISCO firewall (we do not manage it). The problem we have is that every 30 minutes we receive an email from all the XG/XGS indicating…

I had to restore my firewall from a backup, and now I can't download SSL VPN config from the portal anymore. Checking the log I get the following error: /home/jenkins/root/workspace/OmC/CI_64/build_dir/target-x86_64_glibc/vpnportal-1/internal/vpndownload…

Ola boa noite, tenho 2 firewall configurado em Tunel RED,Dentro da rede consigo enchergar a rede do outro Firewall , mais quando estou em rede externa, e uso a VPN Sophos connect client, so consigo ping em uma rede, nao consigo da outra, quero acessar…

Hello, we are using Sohpos XG virtual firewall to connect VPN, it was working fine till few days before. Now on connecting we are observing error which states that "Policy mismatch error. Import a new policy for this connection." Please note that applied…

Hello Sophos Community, we just updated two XGS4500 (in HA) to 20 MR2 and now the SSLVPN stays dead: After checking the admin interfance I logged into the shell: I used the command: service sslvpn:restart -ds nosync 503 Service Failed We don't…

Hey, is there a possibility to set up MFA for SSL VPN on the XGS 3300? Maybe even a SAML authentication with the MS authenticator? Can't find any infos on that in the documentation, neither can i find an optiuon the the admin panel. Can anyone…

Hey everyone, I was recently given a SG115 firewall to mess around with and installed SFOS on it. While learning how to use it I've setup an SSL VPN connection that works on every computer except for my work laptop, which oddly enough is able to connect…

Hi, What is the proper way to connect a branch having multiple internet gateways but the head office has only one gateway? The branch office WAN1 interface has a Real IP but WAN2 uses DDNS with a dynamic IP. Should the branch office have a failover…

Hallo, ich hatte den Datenverkehr zum Sophos-Support (eu2.apu.sophos.com) durch einen Site-to-Site SSL VPN Tunnel zu einer anderen Sophos geschickt, da der Zugang dierekt über WAN gesperrt war. Nun sollte dieser Zugang über WAN freigeschaltet sein.…

Hi, One of my IPsec tunnels shows a yellow icon under the status but when I click on the connection details, all subnet connections show green. Any Suggestions?

Hi team, is it possible with Sophos Openconnect to only execute the Logon Script after successful vpn connection (using the .pro file)? Or is it also possible to run any custom script or command? I read the articles and if I did understand correct…

Hi, We've run a flat lan for years at our main location. We've recently updated our network and added a few new VLANS to the mix. Now I have a problem. We have several Site-to-Site VPNs up and running that work great with our original VLAN1. However…

I have configured Remote Access VPN - IPSEC and I am able to establish a connection via the Sophos Connect app. However, I am unable to talk to any LAN devices connected to the Sophos XG 125W. Here are my configuration settings: 1. Remote Client…

Hello, we build a Sophos Connect Provisioning File for our XGS 3300 on FW 20MR1. We have the following Problem. If the Users "starts" the provisioning File and Enter his Credentials for log in, he gets an UserAuthentification error - with the Correct…

Hi there, I´m refering to this thread: Unsatisfactory implementation of provisioning + OTP in Sophos Connect client Is it still not possible to SETUP OTP during first Sophos Connect Login? Is it still necessary to have all users connecting to…

Hello - I have an XGS 2100 at HQ. We were using a RED device to connect the branch office Phone and LAN traffic via VPN to the HQ PBX/LAN and everything worked fine. Given the rollout of the latest OS, the RED is no longer compatible, so we are attempting…