When will SFOS support IKEv2 for Remote Access? I was expecting a technical problem when I tried to enable IPSec RA and it did not allow me to select the default profile. I could not believe, this is not supported on a modern firewall. Vivek Jagad…

Hi, we are trying to configure IPsec tunnel between Sophos and Cisco ASA all configuration phase 1 and phase 2 are matches both sites. phase 1 is up but phase 2 is down i have checked logs below error message we are getting. 2024-12-05 13:15:08Z…

How can I factory reset my sophos red 60 manually using the reset button at the back. Also, is there a way we can access the red device through console or ssh?

Good Day, We have 2 remote offices with a site-to-site link connecting to Head office. Network config for offices: Head office: 10.x.x.x/16 Remote Office A: 172.16.x.x/16 Remote Office B: 172.17.x.x /17 Have fail-over links connecting both…

Hello All, I have 2 branch offices and one HQ office. I would like branch 1 to be able to communicate with branch 2 VIA the Sophos XGS appliance in the HQ. Can any body give me any pointers for the best way to achieve this. I know I could connect…

Very good to all!!! Objective: It is needed that the “SSL VPN” connections of the clients, are allowed to connect through “Sophos Connect” through the main_gateway, and in case of failure of this, they can connect through the backup_gateway. Case…

Hi, ich hatte eine SG230 und hier einen VPN IPSEC Tunnel zum Kunden. Hier wurde gewünscht, dass unsere Daten nur von einer IP Adresse gesendet werden. Somit hatte ich hier einen SNAT hinterlegt. Die Kollegen haben sich mit einem Service-User per SSL…

Hi, My employer uses Sophos Connect VPN. I currently use an Intel PC but am looking at changing to an ARM Snapdragon X PC. However I'm not sure whether Sophos Connect is compatible with Snapdragon X. Sophos "Supported platforms" on this support page…

Hallo liebe Gemeinde, habt Ihr eine Idee wie wir z.B. unsere IPsecs wirkungsvoll gegen die Angriffe von Quantencomputern schützen können? Was ist da die Best Practice auch im Bezug auf den Zeitraum für einen Schlüssel Tausch, welche Cipher welche…

I created a certificate based IPSec/IKEv2 Site-to-Site-VPN using the Sophos guides between two Sophos SG135 firewalls. One firewall runs on home edition (SFVH with firmware SFOS 21.0.0 GA-Build169 ) one runs on trial (SG135 with firmware SFOS 20.0.2 MR…

Hi, What's the recommended configuration for clients behind a RED? We have the the RED in SPLIT tunnel mode and have the Sophos Heartbeat IP included in the traffic sent over the tunnel. Is this right? We also have a Firewall rule for traffic to…

I'm a pulling my hair trying to figure out why our SSL VPN users all of a sudden cannot access the network resources. For the most part I moved 99% of our users over to IPsec VPN setups but in some cases, like accessing from China, IPsec does not allow…

Hi, I cannot find instructions on how, if possible at all, create Site2Site VPN tunnel, from Sophos XGS outbount to OpenVPN server. This is for IP phone service, I created one LAN port for local phones, MASQ via WAN interface....and now I nned to create…

Hallo Zusammen, ich würde gerne bei mir folgendes bauen: Nur bestimmte Nutzer aus einem Ausland sollen per VPN eine SSL/IPsec Verbindung zu meinem lokalen Netzwerk aufbauen. Leider konnte ich bis jetzt mit einer Countryblocker-Firewallregel…

Guten Morgen zusammen! Bei meinen größeren Kunden habe ich eine Wartungs-VM. Von da aus komme ich in der Regel an die Sophos Firewalls der jeweiligen Standorte intern über eine Site-to-Site VPN. Das hat bis her auch wunderbar geklappt, wenn ich die…

The SSL VPN client is not connecting immediately after installation and returns the error below We have just uninstalled the previous version of SSL client and re-installed the above. The last time a colleague installed a fresh OS on their machine, the…

Good day l have create a site to site to vpn , the vpn is up , but we cannot ping the branch site On the head office there is ospf configured, and if we trace route from the firewall it's showing that the traffic is going through the ospf vpn of…

Hallo zusammen, ich möchte von einem Linux Server, der sich im Internet befindet, eine VPN Verbindung (SSL oder IPSec) zu meiner Sophox XG Firewall herstellen. Bisher wurde der sich im LAN befindliche SFTP Server (Telefonanlage) über einen dedizierten…

Hallo zusammen, Wir nutzen momentan XGS2100 (SFOS 21.0.0 GA-Build169) ich habe bemerkt, dass wir einige Dienste durch SSLVPN nicht erreichbar haben. Z.B wir haben ein Programm/Link, was wir Intern ganz normal nutzen kann aber über VPN geht nicht…

I'm trying to configure an SSL VPN. Our WAN subnet has 5 IP addresses, with 4 aliases set up for the additional IPs: Port2 Port2:0 Port2:1 Port2:2 Port2:3 Currently, I have a web server running on Port2:0 . I want the SSL VPN to run…

Hi, Every month, when users change their Windows password, the VPN credentials do not update automatically. On the administration side, we have to delete the User, purge the AD users, and re-register them again. We have already tried setting the …

Hello, I'm facing a problem on UTM 9 (las version). I can't delete a CA from the WebAdmin. The button isn't display, the icon of the CA isn't the same as the others. For exemple, ohters CA look like this : The CA I want to delete, is used…

It seems there hasn't been a solution for years: we have two gateways, Port4 and Port5, and we only want to use the gateway on Port5 for SSL VPN. However, the .ovpn file ALWAYS includes both gateways, with Port4 listed BEFORE Port5. We then have to manually…

Hi fellow community members. I am trying to create a new local group on my Sophos XG Home (Running as Virtual appliance). Under the IPSEC remote access option. It is on disabled and greyed out. This is for both under the User category and also under…

Hallo Zusammen, ich habe an 3 Standorten XGS Firewalls. A <--> B <---> C A und B sind über eine IPSEC route based VPN verbunden B und C sind über eine Funkstrecke verbunden wie müsste eine statische route auf der Firewall B aussehen…