• SSL VPN Performance is horrible using TCP or UDP

    Shawn Adams
    Shawn Adams
    We have 2 XG330 in HA, a 300Mbit connection and are using the SFOS 20.0.0 GA-Build222 firmware with Sophos Connect. Using the SSL VPN with UDP we are seeing speeds of 3.6Mbit down and 6.9Mbit up. The Client has 100Mbit. I've read a lot of different…
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • Remote Access SSL VPN Static IP address results in route issues

    Linh Phàng Tú Linh
    Linh Phàng Tú Linh
    Hello there I'm using version XGS2100 (SFOS 20.0.0 GA-Build222) and getting an error in SSL VPN Static IP When I use static IP for VPN user, the firewall cannot connect to the static ip of vpn user When i have the static IP Address disabled in my…
    • Answered
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • SSL VPN Sophos Connect failed

    Mohamed Said Ali
    Mohamed Said Ali
    We created SSL VPN from Sophos firewall But still connection from sophos connect not stablished, the indication error displayed by this message " DNS Resolution failed for gateway : Firewall DNS Name
    • 7 months ago
    • Sophos Firewall
    • Discussions
  • User Duo lockout SSLVPN

    Lance Ecklesdafer
    Lance Ecklesdafer
    Hello everyone, We are running into an issue where the SSL VPN client will drop a connection and then cause a DUO lockout after sending multiple auth attempts. Has anybody found a way to use DUO for SSL (via DUO Radius Server) that will not continually…
    • Answered
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • Conflicts between Public Wi-Fi IP Address and internal LAN (through VPN)

    cm00001
    cm00001
    Hello, Today I found a case that I've intermittently found in the past, but I decide to bring it up in the forum and try to find a permanent solution. I connected to a public WiFi network with an iPad. The network provided the following through…
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • Sophos Connect SSL warning message

    Weston Gately
    Weston Gately
    This message pops up when I try to connect. We have other people using the same setup without issue. Is there something wrong with my config file? It does connect, but it needs to be secure. My Config file looks like this: [ { "gateway": "REDACTED…
    • Answered
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • Enable SSL VPN and Internal Exposted Host

    Chris K
    Chris K
    Hi, I have an internal IP exposted to the public IP and this also works like it should. External traffic is translated to that host and you can access that host from the Internet. Now I wanted to add a SSL VPN Connection, made a firewall rule, a policy…
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • SSL-VPN disconnect reason

    Massimiliano Scarabotti
    Massimiliano Scarabotti
    Hi! I can use Reports function to discover, for example, how many ssl-vpn accesses a user did yesterday. Is there a way to know if the disconnection, related to these accesses, occured due to timeout reason (set on 15 minuts for default)? Thanks for support…
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • Connecting to VPN ignores all local DNS setup

    Matt Tyree
    Matt Tyree
    I have some services running on a local server behind a reverse proxy and those services are protected from access outside IP subnets not specified in the reverse proxy settings. In my local router, I have the addresses for all these services listed…
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • VPN on Android, can access LAN by IP but not Name

    Joe Schmoe
    Joe Schmoe
    On my phone connected via OVPN I can access local network resources by IP but name resolution won't work. VPN: SSL VPN (remote access) I have Policy Members setup Use as default gateway is on Permitted network sources IPv4 is set to my local LAN VPN…
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • Passing IPsec networks through SSL VPN

    Lais Medeiros
    Lais Medeiros
    Dear, I have a site-to-site VPN between a Sophos XGS87 and a fortigate. I need SSL VPN users on my Sophos to have access to remote networks from this fortigate. Local networks on the Sophos XGS87 side: 10.40.85.0/24 10.50.85.0/24 Sophos SSL VPN…
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS Site-To-Site SSL VPN will not auto connect after reboot

    Mook Sin Siew
    Mook Sin Siew
    Hi, We have a Sophos XGS 107 (Client) connecting to another unit XGS 2100 (Server) via Site-To-Site SSL VPN. We noticed the Site-to-Site SSL VPN will not auto connect after the Client unit get restarted When it happened, we manually on/off the SSL…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Unidentified Network - Kerberus Auth Problem only with SSL and without NETBIOS

    Steve Reschke
    Steve Reschke
    Hello we are disbled NETBIOS / WINS for our Domain Network on client side. Since we did this we have problems to authentificate on our domaincontroller through VPN SSL. With VPN IPSsec all is fine. Also in LAN all is fine. Both, SSL and IPSec using the…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Remote access SSL VPN with certificate only based authentication

    cicro
    cicro
    Hello! I know that a few years ago there was a feature request on the currently retired Sophos's ideas portal, regarding remote access SSL VPN with certificate only based authentication, for Sophos XGS firewalls. Does anybody know if it's possible right…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • SSL VPN access condiitonal access (etc like Checkpoint VPN)

    Georg Zoeller
    Georg Zoeller
    Hi everyone, been curious lately, is it possible to have something like checkpoint conditional access (like is windows up to date, is defender/antivius activated and so on) before allowing to the vpn gateway. And im not talking abou ZTNA since that…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • VPN Portal and Login Security

    FrancescoB
    FrancescoB
    After upgrading to SFOS 20.0.0 GA i activated the new VPN portal. We use only SSLVPN. If SSLVPN is running on port 443 and the VPN Portal on port 444 (or any other), the authentication log displays the correct SRC IP. This allows "Login Security" to…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Limit NON MFA ssl vpn access to specific public ip

    Matteo Vinti
    Matteo Vinti
    Hello everyone, I searched the forum if there is a way to limit SSL VPN access to a specific Public Ip Address but it seems to me that You cannot do it. I see that when You create a Group or a User there is a section called "Limit access" that lets…
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • SSLVPN Split Tunnel DNS Resolution failed

    fuuussiiidiel
    fuuussiiidiel
    Hi, when using SSLVPN in split-tunnel mode, DNS resolution to internal resources is not possible. A ping returns "Host not found". When I perform a nslookup, the XGS is contacted and resolves successfully. I've also tried several VPN clients, including…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • SSL VPN HOSTNAME ADD

    satyabrata bastia
    satyabrata bastia
    Hi, we are using SSL VPN and i have added public IP address in override hostname for vpn access. if ISP Failure that case i need to change or change in .OVA file. now we need to add hostname instead of ip address
    • Answered
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • SSL VPN client for Mac

    Samps
    Samps
    I am a Mac user, until today I used Sophos Connect for Mac version 1.4 (ipsec VPN) I realized that there was a CVE on the Mac version of the application, but not on the Windows version, which has since been updated. So I'm at a dead end. My only option…
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • SSL VPN : MAC Address and User Active Duration

    Trio Fandi
    Trio Fandi
    Hi, Currently we are using Firewall XG310 and SFOS v20 . My question is : 1. How to bind vpn user mac-address without asking their mac-address manually? Could sophos FW detect it automatically ? 2. Could we set vpn user state duration ? Example…
    • Answered
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • Packets dropped due to no heartbeat

    Stuart James
    Stuart James
    We have remote users to connect to a Sophos SSLVPN. We then create the following filewall rule between them and the servers to ensure that they have Sophos AV installed and that there are no issues on either side. Unfortunately, when we do this, no-one…
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • VPN POLICY

    satyabrata bastia
    satyabrata bastia
    Hi, we are using HB policy for Lan user. VPN user how to create secure security policy because now we are using any any so i need to change. Is it possible to enable HB policy in VPN. VPN-LAN LAN-VPN Thanks SATYA
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • SSL VPN and certificates

    Andrej Pirman
    Andrej Pirman
    Hi, One thung bothers me regarding SSL certificates. I will have some 30 SSL VPN users on XGS , and I intend to install commercial SSL certificate. But it only has 1 year validity. Does it mean I will need to push .OVPN config to end users every year…
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • Is there a way to synchronise the web filtering set on the firewall to the rules set on endpoint ?

    Marcel Micallef
    Marcel Micallef
    Hi all, So we have Sophos XG Firewall as well as the Sophos endpoint client for A/V, web filter etc etc... The issue I am having is that we have more detailed filtering at the firewall level so no issues when users are connected to the work network…
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>