I need to configure multiple search domains for the connected SSL VPN users. Right now there is only support for a single domain. OpenVPN supports additional search domains, but there is no spot to fill those in in SophosFW. How can I configure that?
Dears
I am currently trying to set up SSL VPN on my SophosXG125 firewall, but I am encountering difficulties connecting without a public IP address.
Could you please confirm if it is possible to use SSL VPN without a public IP? If so, I would appreciate…
This problem is occurring on Sophos Firmware 20.0.2 MR-2-Build378 as well as SFOS 21.0.0 GA-Build169. The problem also occurs on an XG with a firmware of 20.0.2 MR-2.
Route Precedense has been set the following ways: static vpn sdwan | vpn static sdwan…
After the XG 210 upgrade to SFOS 20.0.2 MR2 build 378 we now have the issue that firewall rules for AD Group VPN Users no longer work for some SSL VPN users belonging to the AD VPN Users group. We know that IPSEC doesn’t work with AD groups but SSL VPN…
Hello Dear ,
I am experiencing an issue while attempting to set up the SSL VPN. When I download the Sophos Connect client from the user portal, the VPN option does not appear in the dropdown menu, preventing me from downloading the Sophos Connect client…
Hello Team,
I am explaining my case to you in order to receive the best advice from you as Sophos experts. I have my Sophos XG430 SFOS 20.0.0 GA Build 222 in production as a perimeter firewall (I only use 2 WAN ports and 1 LAN), this equipment allows…
Hallo Zusammen,
wir haben ein etwas größeres Problem mit dem SSL-VPN, aber fangen wir mal vorn an. Alles hat damit angefangen, das unsere Geschäftsführung gerne mit ihren IPads von Unterwegs mit ihrer Telekom LTE Karte auf unsere interne Citrix-Umgebung…
Hallo,
gibt es unter der Sophos XGS 2100 eine einfache Möglichkeit den SSL VPN für bestimmte extern User zeitlich einzuschränken? z.B. nur Werktags von 7:00 Uhr bis 19:00 Uhr?
Hi,
I am giving up on this,
I have opened a case with sophos but cannot figure out the issue. I have created a clientless VPN sftp for our server. It always gives me
read: Connection reset by peer
It works perfectly fine with Winscp using the…
I'd like to roll out SSLVPN to some of our users, but the password concatenated with the OTP code is very awkward....
You can't save the password, and you can't easily use a password manager either.
Is there some way or 3rd party software that will…
Very good to all!!!
Objective: It is needed that the “SSL VPN” connections of the clients, are allowed to connect through “Sophos Connect” through the main_gateway, and in case of failure of this, they can connect through the backup_gateway.
Case…
I'm a pulling my hair trying to figure out why our SSL VPN users all of a sudden cannot access the network resources. For the most part I moved 99% of our users over to IPsec VPN setups but in some cases, like accessing from China, IPsec does not allow…
Hallo Zusammen,
ich würde gerne bei mir folgendes bauen:
Nur bestimmte Nutzer aus einem Ausland sollen per VPN eine SSL/IPsec Verbindung zu meinem lokalen Netzwerk aufbauen.
Leider konnte ich bis jetzt mit einer Countryblocker-Firewallregel…
The SSL VPN client is not connecting immediately after installation and returns the error below We have just uninstalled the previous version of SSL client and re-installed the above. The last time a colleague installed a fresh OS on their machine, the…
Hallo zusammen,
Wir nutzen momentan XGS2100 (SFOS 21.0.0 GA-Build169)
ich habe bemerkt, dass wir einige Dienste durch SSLVPN nicht erreichbar haben.
Z.B wir haben ein Programm/Link, was wir Intern ganz normal nutzen kann aber über VPN geht nicht…
Hi,
Every month, when users change their Windows password, the VPN credentials do not update automatically. On the administration side, we have to delete the User, purge the AD users, and re-register them again.
We have already tried setting the …
I'm trying to configure an SSL VPN. Our WAN subnet has 5 IP addresses, with 4 aliases set up for the additional IPs:
Port2
Port2:0
Port2:1
Port2:2
Port2:3
Currently, I have a web server running on Port2:0 .
I want the SSL VPN to run…
It seems there hasn't been a solution for years: we have two gateways, Port4 and Port5, and we only want to use the gateway on Port5 for SSL VPN. However, the .ovpn file ALWAYS includes both gateways, with Port4 listed BEFORE Port5. We then have to manually…
Hi.
Anyone has configured Sophos XGS SSLVPN with Active Directory Authentication on AD with enumeration blocked?
After configure Server on XGS I can authenticate and retrieve groups/users without problem... My problem appears when try to authenticate…
Hallo,
seit gestern bekommen Benutzer, welche nur auf der Sophos lokal angelegt sind folgenden Fehler:
17711 - User failed to login to SSLVPN through AD authentication mechanism because of wrong credentials.
Warum sucht die Sophos nun plötzlich…
Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.
Table Of Contents:
Overview
Steps to Reproduce
Workaround…
I received a message from SSL VPN and Captive portal about a certificate issue. I created a locally-signed certificate and installed it on the client’s machine, but the error related to the certificate still appears. Could you please advise on this?
Hello everyone,
I can not seem to find an answer to this question and hope that someone can clear this up.
We are currently migrating from the old VPN Client (SG) to the new Sophos Mobile Connect Client (XGS). Both are using SSL VPN Config.
…
Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.
Table of Contents:
Overview
Configuration on Sophos Firewall…
We have AD synced Groups. We use them for FW Rule permissions, SSL VPN access and MFA control on the Firewall.
Now we have this scenario:
User XY is member of these groups:
Group A (used for a firewall rule) Group B (all members of the company,…