When will SFOS support IKEv2 for Remote Access? I was expecting a technical problem when I tried to enable IPSec RA and it did not allow me to select the default profile. I could not believe, this is not supported on a modern firewall. Vivek Jagad…

Hi, we are trying to configure IPsec tunnel between Sophos and Cisco ASA all configuration phase 1 and phase 2 are matches both sites. phase 1 is up but phase 2 is down i have checked logs below error message we are getting. 2024-12-05 13:15:08Z…

How can I factory reset my sophos red 60 manually using the reset button at the back. Also, is there a way we can access the red device through console or ssh?

Good Day, We have 2 remote offices with a site-to-site link connecting to Head office. Network config for offices: Head office: 10.x.x.x/16 Remote Office A: 172.16.x.x/16 Remote Office B: 172.17.x.x /17 Have fail-over links connecting both…

Hello All, I have 2 branch offices and one HQ office. I would like branch 1 to be able to communicate with branch 2 VIA the Sophos XGS appliance in the HQ. Can any body give me any pointers for the best way to achieve this. I know I could connect…

Very good to all!!! Objective: It is needed that the “SSL VPN” connections of the clients, are allowed to connect through “Sophos Connect” through the main_gateway, and in case of failure of this, they can connect through the backup_gateway. Case…

Hi, My employer uses Sophos Connect VPN. I currently use an Intel PC but am looking at changing to an ARM Snapdragon X PC. However I'm not sure whether Sophos Connect is compatible with Snapdragon X. Sophos "Supported platforms" on this support page…

Hi, What's the recommended configuration for clients behind a RED? We have the the RED in SPLIT tunnel mode and have the Sophos Heartbeat IP included in the traffic sent over the tunnel. Is this right? We also have a Firewall rule for traffic to…

I'm a pulling my hair trying to figure out why our SSL VPN users all of a sudden cannot access the network resources. For the most part I moved 99% of our users over to IPsec VPN setups but in some cases, like accessing from China, IPsec does not allow…

Hi, I cannot find instructions on how, if possible at all, create Site2Site VPN tunnel, from Sophos XGS outbount to OpenVPN server. This is for IP phone service, I created one LAN port for local phones, MASQ via WAN interface....and now I nned to create…

The SSL VPN client is not connecting immediately after installation and returns the error below We have just uninstalled the previous version of SSL client and re-installed the above. The last time a colleague installed a fresh OS on their machine, the…

Good day l have create a site to site to vpn , the vpn is up , but we cannot ping the branch site On the head office there is ospf configured, and if we trace route from the firewall it's showing that the traffic is going through the ospf vpn of…

I'm trying to configure an SSL VPN. Our WAN subnet has 5 IP addresses, with 4 aliases set up for the additional IPs: Port2 Port2:0 Port2:1 Port2:2 Port2:3 Currently, I have a web server running on Port2:0 . I want the SSL VPN to run…

Hi, Every month, when users change their Windows password, the VPN credentials do not update automatically. On the administration side, we have to delete the User, purge the AD users, and re-register them again. We have already tried setting the …

It seems there hasn't been a solution for years: we have two gateways, Port4 and Port5, and we only want to use the gateway on Port5 for SSL VPN. However, the .ovpn file ALWAYS includes both gateways, with Port4 listed BEFORE Port5. We then have to manually…

Hi. I need to implement a feature where my client can use the Sophos client with a single connection profile (a single imported .ovpn SSL VPN file) but pointing to 2 different locations . If the first IP fails, it will establish itself in the second…

Good morning. I am having problems with a server when accessing remote servers through an IPsec tunnel. SITE A has to access SITE B's servers and vice versa The problem is that for approximately a week one of the servers at SITE A (192.168.200…

I received a message from SSL VPN and Captive portal about a certificate issue. I created a locally-signed certificate and installed it on the client’s machine, but the error related to the certificate still appears. Could you please advise on this?

This is an issue that I have seen with multiple customers. The VPN connection as Tunnel interface is established. The XFRM is configured to be non-overlapping in any sense with other IP subnets on the Firewall. Even then the gateway shows down. Here is…

Hello everyone, I can not seem to find an answer to this question and hope that someone can clear this up. We are currently migrating from the old VPN Client (SG) to the new Sophos Mobile Connect Client (XGS). Both are using SSL VPN Config. …

Hello everyone, I have issue with routing over VPN IPsec tunnel. In my setup there are two Sophos XGS116 firewalls running SFOS 20.0.2 MR-2-Build378 located on HQ site and BO site. Each site has stabile ISP connection with static IPv4 address. VPN IPsec…

Hi, we're experiencing a problem with Ipsec Vpn (site2site) from Sophos to Cisco. In the Ipsec tunnel we have two subnet (subnet1 e subnet2) at sophos vpn side and one subnet (subnet3) in the remote site managed by cisco. It seems that only on subnet…

Hi, I have forced a rule where users has to vpn no matter what when they are outside our network domain. I was able to perform a file provisioning that auto connect users to VPN, however I still have one issue is that sometimes, before connecting…

Hi team , We have configured the SSL VPN in the firewall and allowed a single IP address in the permitted network resources, When we connect with VPN from other network, It will show the entire /24 network IP address as well as a single IP in the…

Hello, I have a situation where i need to assign IP addresses to SSL remote access VPN clients from a certain subnet (10.10.10.0/24), and bridge the connection with a router (10.10.10.1) connected to a DMZ interface. I understand that the firewall assigns…