Dears
I am currently trying to set up SSL VPN on my SophosXG125 firewall, but I am encountering difficulties connecting without a public IP address.
Could you please confirm if it is possible to use SSL VPN without a public IP? If so, I would appreciate…
This problem is occurring on Sophos Firmware 20.0.2 MR-2-Build378 as well as SFOS 21.0.0 GA-Build169. The problem also occurs on an XG with a firmware of 20.0.2 MR-2.
Route Precedense has been set the following ways: static vpn sdwan | vpn static sdwan…
After the XG 210 upgrade to SFOS 20.0.2 MR2 build 378 we now have the issue that firewall rules for AD Group VPN Users no longer work for some SSL VPN users belonging to the AD VPN Users group. We know that IPSEC doesn’t work with AD groups but SSL VPN…
Hello Dear ,
I am experiencing an issue while attempting to set up the SSL VPN. When I download the Sophos Connect client from the user portal, the VPN option does not appear in the dropdown menu, preventing me from downloading the Sophos Connect client…
Hello Team,
I am explaining my case to you in order to receive the best advice from you as Sophos experts. I have my Sophos XG430 SFOS 20.0.0 GA Build 222 in production as a perimeter firewall (I only use 2 WAN ports and 1 LAN), this equipment allows…
Hi,
I am giving up on this,
I have opened a case with sophos but cannot figure out the issue. I have created a clientless VPN sftp for our server. It always gives me
read: Connection reset by peer
It works perfectly fine with Winscp using the…
I'd like to roll out SSLVPN to some of our users, but the password concatenated with the OTP code is very awkward....
You can't save the password, and you can't easily use a password manager either.
Is there some way or 3rd party software that will…
Very good to all!!!
Objective: It is needed that the “SSL VPN” connections of the clients, are allowed to connect through “Sophos Connect” through the main_gateway, and in case of failure of this, they can connect through the backup_gateway.
Case…
I'm a pulling my hair trying to figure out why our SSL VPN users all of a sudden cannot access the network resources. For the most part I moved 99% of our users over to IPsec VPN setups but in some cases, like accessing from China, IPsec does not allow…
The SSL VPN client is not connecting immediately after installation and returns the error below We have just uninstalled the previous version of SSL client and re-installed the above. The last time a colleague installed a fresh OS on their machine, the…
I'm trying to configure an SSL VPN. Our WAN subnet has 5 IP addresses, with 4 aliases set up for the additional IPs:
Port2
Port2:0
Port2:1
Port2:2
Port2:3
Currently, I have a web server running on Port2:0 .
I want the SSL VPN to run…
Hi,
Every month, when users change their Windows password, the VPN credentials do not update automatically. On the administration side, we have to delete the User, purge the AD users, and re-register them again.
We have already tried setting the …
It seems there hasn't been a solution for years: we have two gateways, Port4 and Port5, and we only want to use the gateway on Port5 for SSL VPN. However, the .ovpn file ALWAYS includes both gateways, with Port4 listed BEFORE Port5. We then have to manually…
Hi.
Anyone has configured Sophos XGS SSLVPN with Active Directory Authentication on AD with enumeration blocked?
After configure Server on XGS I can authenticate and retrieve groups/users without problem... My problem appears when try to authenticate…
I received a message from SSL VPN and Captive portal about a certificate issue. I created a locally-signed certificate and installed it on the client’s machine, but the error related to the certificate still appears. Could you please advise on this?
Hello everyone,
I can not seem to find an answer to this question and hope that someone can clear this up.
We are currently migrating from the old VPN Client (SG) to the new Sophos Mobile Connect Client (XGS). Both are using SSL VPN Config.
…
We have AD synced Groups. We use them for FW Rule permissions, SSL VPN access and MFA control on the Firewall.
Now we have this scenario:
User XY is member of these groups:
Group A (used for a firewall rule) Group B (all members of the company,…
Hi,
I have forced a rule where users has to vpn no matter what when they are outside our network domain.
I was able to perform a file provisioning that auto connect users to VPN, however I still have one issue is that sometimes, before connecting…
Hi team ,
We have configured the SSL VPN in the firewall and allowed a single IP address in the permitted network resources, When we connect with VPN from other network, It will show the entire /24 network IP address as well as a single IP in the…
Hello,
I have a situation where i need to assign IP addresses to SSL remote access VPN clients from a certain subnet (10.10.10.0/24), and bridge the connection with a router (10.10.10.1) connected to a DMZ interface. I understand that the firewall assigns…
Hi there,
I am looking to configure a RDP Bockmark to allow our user to use the terminal servers on the road without using a VPN. Because of security reasons I want to use NLA, my question woud be is there any way to give the user the ability to change…
So, I wanted to post a bit of a rant here regarding an undocumented change to RADIUS authentication after SFOS 20.0.0 that has broken my DUO MFA implementation.
For years I have had my users added from AD and I was able to pull multiple groups through…
hi, i am trying to install SOPHOS connect but it is not being installed. detail is given below:
Sophos connect_2.3.2-VPN.msi Microsoft Surface Laptop, 7th Edition Processor: Snapdragon(R) x 12 Core X1E80100 @ 3.40 GHz 3.42 GHz installed RAM: 16GB
Hi,
we have a site-to-site tunnel from Sophos Firewall to AWS.
Several local (sophos side) networks are appearing in AWS routing tables correctly.
However, the SSL-VPN network will not appear in AWS routing tables.
When I check bgp information…
I have a question about SSL VPN auto connect. Can the user receive an automatic connection to the SSL VPN after restarting their computer and connecting to the internet?