Hello all, We have some external contractors that require access to our Azure network instance, and instead of whitelisting their own public IPs, we want them to come through our firewall (XGS 136, latest SFOS, SSL VPN set to act as gateway mode), so…

Hello everyone, I'm reaching out on behalf of a customer who is encountering an issue with their XG230, which seems to be creating two 'phantom routes' as part of the SSL VPN configuration profile. We've noticed that due to these phantom routes, the…

I have a new install of v19.5 on my own hardware (protectli vault), switched from pfsense this week. The firewall is performing very well with one exception. I configured a "country block" rule and blackhole NAT at the top of the rules. But once I do…

Hi All, I was wondering is there a way to have 1 Domain used for SSL VPN connection . So to explain better. You can have 1 Domain that gets resolved to the external IP interface of the device. But lets say we have 2 external IPs, Is there a…

My internet explorer 11 is in version LOG: MSI (c) (58:14) [02:24:17:400]: PROPERTY CHANGE: Adding IEVERSION property. Its value is '11.789.19041.0'.

Hi, while connecting remotly throught a VPN SSL and reaching LAN, I can only ping and reach devices with default gateway configured. (no DHCP running, only static addresses) There's a way to solve this without configuring gateway or placing a router…

Hi I have a sophos fw xg2100 with two wan links and set up a new ssl-vpn connection, the problem is that the automatic .ovpn file generated by sophos has the remote gateway order wrong! Well if I manually edit the file on notepad, everything works…

Is there a method to white list IPs per SSL VPN group, to only allow those users to be able to VPN in if they are coming from the list static IPs?

Hello, I'm not really expert on this. Here the event log: 2023-07-04 10:47:20 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is…

SSL VPN Network: 192.168.99.0 /24 Local Network: 172.20.10.0 /24 - (Multiple) Firewall-Rules from VPN to internal resources - added all networks under Permitted network resources (IPv4) - testet with/without "Use as default gateway" in VPN conf In…

Hello @all, if you have 80 networks, do you really have to add all 80 networks by hand (same to new networks)? No way to allow access to ANY?

Hi, Iam currently setting up a ssl vpn to my server. Connection to server is success. I can ping and RDP. The problem is that for a certain software to run, i need to change my server private ip to the public ip.

Good evening! I have Remote SSL VPN setup, and I can connect to it no problem. The network address for these clients are 192.168.3.0/24. Below are my three policies for allowing traffic from the VPN zone to the WAN, LAN, and DMZ zones. Here are…

We've got a Sophos XGS 116 firewall and I'm trying to setup a remote access VPN using SSL. I've followed the steps outlined in the article "Configure remote access SSL VPN with Sophos Connect client" but when I reach the step to check device access settings…

Hello Community Please help on these mater would be more appreciate, I have an ISP Router front of Sophos and SSL VPN is connected but loosing internet in client PC and not able to ping any recourse even icmp,ssh,rdp what I need to enable any port…

Please does Sophos MFA expire? I configured MFA on SSL VPN about 3 months ago and I had issues connecting sometime last week. I had to delete my MFA account, rescan the QR Code on the user portal before I could access the SSL VPN again. Now two users…

XGS136/SFOS 19.5.2 Is it possible to use an alias WAN IP other than the firewall's IP with the SSL VPN? I'm setting up the XGS to replace an existing production firewall, and using an unused LAN and WAN IP to do it. My plan is that on migration day…

Hi, Is it possible to apply session timeout for VPN users and force to re-login? If possible, how to do it? Thank you so much. Best Regards

Hello, I want to terminate active SSL VPN connections via CLI interface or API. What can I do about it? Can you help me?

Hello All i have setup my new XG and everything work Fine.. then i configure my SSL VPN and tested in my home different location in same country and all work perfect once i try to login from different country, i can't login at all i have change…

Hi; I have 3 DCs for domain in my network. 111.local 192.168.1.11 PDC 192.168.1.12 ADC 192.168.1.13 ADC 192.168.1.1 is a SOPHOS LAN interface ip address Under the DNS host entry, I entered these fields with the DC server ip addresses. (Network…

When is Sophos implementing Azure SAML support for the SSL VPN? It's already available in the user portal how long until we can configure this for the VPN, we are contemplating dumping Sophos and moving to something else to get this feature.

What is the reason for this message that appears when adding hosts to SSL VPN profiles? I mean, you want to change the profile, you WILL change the profile. Why the need to click on that every time? -> Remote access policy "name" has been updated…

Hello, We have created the IPSec tunnel (uses NAT) to application provider dc. Internal network is translated to NAT IP (provided by application provider). Tunnel is working. Now, we have to add SSL vpn remote access network to that IPSec tunnel…

Hi Guys I have numerous issues with regards to the new SFOS v19.5.1 on most of XG115 firewalls, as soon as we upgrade to the latest SFOS v19.5.1, the XG firewall starts to have Remote Access VPN issues. One issue on another client the remote VPN could…