Hello, Starting about a month ago (Nov 20), we have had some users report that their Sophos Connect profiles have disappeared and they are required to Import them again. Import usually comes up with an error that the profile already exists. Even though…

Hi, We have around 40 users from which some Intercept X users (Windows 10) which are unable to connect over VPN. All the components are installed and even updates from Sophos central are reflecting on the end point. Below is the error which is shown…

Hello. We have a client using Sophos Firewall installed in a VM. ( Firmware 17.5.12) They are have expired SSL CA Certificate and when they applied new SSL CA Certificate, it shows error and VPN users unable to connect. So, now they are using expired…

I have a Sophos model SFV1C4 with SFOS 19.5.2 MR-2-Build624 After the last firmware my site-to-site connections is timing out. It is Sonicwall that initiate the connections. I am using IKEv2 and after a while I get an error: ID 983 VPN IKEv2 Received…

I am running Sophos XGS 19.5.2 MR-2-Build624 in an active / passive cluster. I have configured IPSec VPN for 150+ remote users. I have approximately 32 split tunnel networks (recently migrated from another vendors platform). I've noticed that once connected…

Windows clients work fine and can resolve domain.server.local names just fine over vpn. ios clients on local wifi resolve fine. ios clients on vpn (openvpn) cannot find domain.server.local domain is set in vpn settings, dns server ip is set in vpn…

Hello everyone, I have XG2300 SFOS 19.5.2 MR-2-Build624 and I have an issue with the Remote access SSL VPN connection. The issue is that a user connected via Remote SSL VPN receives a reset connection from server at random. I have tried to resolve…

Scenario is as follows: Sophos Firewall Version: 19.5.2, XGS 6500 Sophos Connect Client Version: 2.2.90.1104, Windows 10 22H2 Sophos Firewall is configured for SSL VPN and IPsec VPN. User adds .pro file in Sophos Connect. User is prompted…

Hey All, , So i had something interesting that got fixed today. On the old XG V17-19 when you create a IPSEC VPN, you didnt need to add a no NAT rule (I could be mistaken if some one can confirm this) But on the XGS, I had setup all the VPNs…

Today a Mac User had a SSL VPN connection and was authenticated with CAA client authentication agent against XG firewall 19.5.2. During work, the user authentication dropped - due to timeout, according to access_server logfile. The SSL VPN connection…

We download the new Sophos connect client from user portal. And uninstall old client and install the new one. Plus I contacted both ISP and they conf irmed no ports are blocked!?

Hi, our Windows 10 users use Connect Client 2.2.90 with the infamous .pro file to tonnect to XG 19.5.2 Firewall with SSL VPN TCP and access internal resources. The SSL VPN clients use the XG firewall as DNS resolver. The XG uses DNS forward rule for…

We have a user that is complaining repeatedly about disconnecting SSL VPN (TCP) with Connect Client 2.2.90 SFOS is 19.5.2 I assume his ISP uses IPv4 sharing / DS-Lite. Nevertheless, when he connects, he is connecting with an IPv4 address and that…

Hi, XGS2300 (SFOS 19.5.2 MR-2-Build624) We have a bunch of Macs and a couple Windows 10 PCs. The Remote Access SSL VPN Works great on Mac. With a 500/500 connection at the office I get 300-350 from my home on MacOS in speed tests to a server in the…

Hello, We have the following scenario: Two Sophos XG310 with active-passive high availability enabled. Since we configure high availability from time to time, the site-to-site ipsec VPN service just stops working, 80% of our tunnels are disconnected…

Hi, I'm trying to enable an IPSec Site-to-Site connection with a remote location but have a few problems on the route side Here's my config : Sophos XG - SFOS 19.5.2 MR-2-Build624 Sophos LAN on 172.16.16.x (set as LAN in Hosts and services)…

Clients were connecting fine with Sophos Connect and had their static IP adresses. Suddenly one day it was saying wrong PSK every time I tried to connect. I've checked PSK and many others settings and averything is fine. My SOPHOS XGS2100 has SFOS…

Hi. I am currently working with a test environment and have configured two XG firewalls to have an IPSec Policy-based site-to-site connection between them. I cannot get the IPSec connection to forward traffic correctly. I have been trying for hours…

Hello to all, I would like to set up an L2TP remote access VPN connection with authentication via certificate. Unfortunately, this does not work if an intermediate certificate is used without having to modify the ipsec configuration via shell. Environment…

Ok, i`ve just encountered a strange behaviour/phenomenon with the XGS3100 Firewall we are using: Reacting to a ticket that homeoffice connections via IPsec VPN no longer work, i eventually checked the policy tester to assure myself the FW rules were…

Remote Access VPN IPSEC with Authentication type certificate does still lead to invalid connection .scx file on SFOS 19.5.0 GA-Build197, SFOS 19.5.1 MR-1-Build278 and SFOS 19.5.2 MR-2-Build624 if the "Organization name" in the Certificate does contain…

I am having difficulty routing across our vpn's. I need for Host1 and Hostt2 to be able to reach Alert11, Alert12, and Alert13 but currently that isn't happening. I can reach Gateway11, Gateway12 and Gateway13. The network looks like this: NetworkA…

Hi, We are losing our ipsec link after some time. (randomly) Initial connection is ok no problem But in logs we have this message : IPSEC FAILED Couldn't parse IKE message from : X.X.X.X Check the debugs logs ID 18052 If i reinitiate manually…

MO: XGS136/SFOS v19,5,2. Not in production yet, setting up to replace production firewall. BO: XG115/SFOS v19.5.2. In production. MO & BO have had an IPSec S2S running for a long time with the MO production firewall. The MO XGS that will replace…