We have currently have two locations, each with a XG330 v19.5.4 MR4 and an EPL fiber connection between them that has a S2S IPSec tunnel setup and a static route on both ends pointing to the other. Each FW is setup with the local DC for user authentication…

Dear Support, If having XG210 ( SFOS 17.5.15 MR-15 ) with SSL VPN pattern current version ( 1.0.008 - 05:32:30, Sep 11 2020) Using the web interface, can a manual pattern upgrade to the version ( sslvpn_1.02_1.0.009.tar.gz.sig ) occurs without any…

HI all, Hoping you can help. Recently an external website we access has been updated and hosted elsewhere. Following the move we now get the following error but only when connecting via the VPN (Remote access). We can browse to the site without issue…

Hi I have customer with SSL VPN working fine 99% of the time. However users cannot connect from the same WAN subnet. Ie say the WAN IP of the XG is 85.85.12.5/27 If a user tried to VPN from anoter network which is on the same ISP (ie 85.85.12…

Hi, I've deployed doznes of SSL VPN clients, having DNS set to on-premises AD LAN DNS server 10.1.1.10 in General SSL VPN settings for all clients. Now when client with laptop connects to SSL VPN, I can see his/her default DNS resolving goes through…

Hello, I want to setup a S2S IPsec VPN between our Head office and Branch Office. The branch office has only IPv6. I have setup on btoh side the S2S VPN, but i cant get it to connect. And i even dont see any connection trys in the logs. For all other…

Hallo, how is it possible to control the IPSEC Remote VPN Access time-based on the XGS, so that the users can only establish a connection at certain times? Thank You!

I don't know if this is the right configuration so bear with me. I have a connection that essentially functions as a direct ethernet line back to the main office, called an EPLAN. It is set up in my Branch Office in the LAN zone. Everything works OK…

Hallo, ich habe zwei Sophos-XGS per site-to-site VPN SSL gekoppelt. Die Verbindung bekommt immer eine IP-Adresse aus dem SSL- Bereich per DHCP zugewiesen. Kann ich diese Adresse zuweisen bzw zumindest reservieren? z.B. soll die Sophos üner diesen…

Hi there, After the firmware update to SFOS 20.0.1 MR-1-Build342, we have rolled out the Sophos Connect Client v2.3.1. It turns out that DNS resolution does not work with IPsec. It looks like the wrong DNS servers are being entered here (ipv6). With SSL…

Hi. I just recently changed my SSL User account on Sophos, and after that, I can not access Sophos through SSL VPN and receive "received connection reset from gateway" on the Sophos connect client. When I log in to the user portal to download the new…

Hi Everyone, I can't figure out why can't I access any of my servers over VPN (IP Sec) after expanding my network from /24 to /22 I'm running SFOS 20.0.1 MR-1-Build342 Here's my setup: Before network expansion Network, LAN Zone, IPv4/netmask…

How can I disable MOBIKE IKEv2 extension support in IPSec?

Hi, i have the same Probleme like mentioned here Not able to connect SSL VPN but i am not able to find the setting he has changed in the xgs menu. ( i did already all Troubleshoot steps, even have compared all settings with another xgs device…

Grüß Euch! Wir haben hier aus heiterem Himmel ein seltsames VPN-Verbindungsproblem, mit glücklicherweise vorerst nur einem Benutzer. Am Abend ging es noch, in der Früh des nächsten Tages hat er berichtet, dass er im Home-Office keine VPN-Verbindung…

At our main site we have two Sophos XGS3100 in a highly available (active/passive) configuration. At a second site we have a single Sophos XGS 2100. On our Sophos XGS3100 we have a RED interface for a Sophos SD RED60 at a third site in a Standard…

Hello everyone and thanks in advance for your support. We have a person 192.168.1.X who connect to OUR network (192.168.0.0/16) via SSLVPN (Use tunnel as default gateway or not, doesn't make any difference) Sometimes things go wrong randomly (i…

Hallo allerseits, es geht um eine Client2Site Verbindung, die funktioniert soweit gut, aber die Bandbreite reicht nicht. Die Gegenstelle (Sophos XGS3200) würde 1Gbit annehmen. In den Netzwerkadapter Einstellungen ist die MTU auf 1400 limitiert. …

Hi, is it possible to clear single IPSEC VPN security associations via Device Console or Advanced Shell on Sophos XGS? E.g. I would like to disconnect all VPNs to one specific gateway. Thank you. Greetings, Torsten

Hello there. I have doing some labs and until now I have achieved to make a Sophos-Sophos and Forti-Forti Ipsec tunnel. However I am trying to make a Sophos XG-Fortigate IPSEC tunnel but my tunnel does not wake up. I have followed this guide and configure…

I am having an issue with an HA hardware pair. When the secondary node is the master SSL VPN users cannot connect with a remote VPN. Please help me on it.

Dear Community Members, I am immensely grateful for being part of this wonderful community. Could someone kindly provide guidance on how to upgrade SophosConnect_2.2.90.msi to SophosConnect_2.3.0.msi using Group Policy (GPO)? Alternatively, if there is…

Hello, all our Site-to-Site-VPN don't work again after upgrading from SFOS 20.0.0 GA-Build222 to SFOS 20.0.1 MR-1-Build342. In the log we find: (unnamed) - Couldn't parse IKE message from .. Also all outgoing remote IPSec don't work again after…

Hi all, I was hoping I can seek some guidance on this forum. Currently, we are using our Sophos XG Firewall to connect to our network on Azure using an IPSec VPN Tunnel. We do have two ISP running in our building one being main and other being backup…

I am having issues configuring a connection between two Sophos firewalls and i am hoping someone can help. The firewalls are installed in two datacenters which are operated by the same provider, both sites are currently configured with a WAN/internet…