• Can't access Admin GUI unless I SSH first

    Rich Grodzicki
    Rich Grodzicki
    I have two home deployments of Sophos Firewall v20, one at home and one at a family vacation home. I've set up VPN, routes, and rules between without issue. But the strangest issue that I can't seem to resolve is that with the vacation home the Admin…
    • Answered
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • IPSec Site-to-Site VPN Local Subnet Becomes Unreachable due to Inactivity

    EdgeFour
    EdgeFour
    Hello, I'm experiencing the exactly same problem as the guy in this (sadly locked) thread: IPSec Site-to-Site VPN Local Subnet Becomes Unreachable due to Inactivity As the thread ends with him contacting the support and no real solution, I was…
    • Answered
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • Sophos Connect (OpenVPN) Security Statement

    LuNie
    LuNie
    Sophos Connect still uses the very old OpenVPN version 2.5.6.0 and there have been some security annoucements since that version: https://community.openvpn.net/openvpn/wiki/SecurityAnnouncements e.g. the last CVE-2024-27459: Windows: fix a possible…
    • Answered
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • Connect: Multi-user Autoprovisioning

    RIWE
    RIWE
    Hi, as we can read in multiple threads, Sophos does not think multi-user devices are important. Sophos Connect with multiple users on the same PC - Discussions - Sophos Firewall - Sophos Community Sophos Connect client multi-user environment: usage…
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • Site-to-Site VPN Issues

    Alan Spark
    Alan Spark
    I am testing a new XGS 136 (SFOS 20.0.0 GA-Build222) offsite to replace an onsite XG 135 ( SFOS 19.0.2 MR-2-Build472). The backup of the XG 135 was used to setup the XGS 136. We have never used the IPsec Site-to-Site connection before but may have a…
    • Answered
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • GRE TUNNEL TUNNEL GETTING PRECEDENCE OVER OSPF

    KEITH ZONGORO
    KEITH ZONGORO
    Hello, I'm currently managing an XGS Sophos firewall at our headquarters, and we have a dual ISP setup connecting to branch offices. Our primary ISP uses **OSPF**, while the secondary ISP relies on a **GRE tunnel. The challenge arises when I add a…
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • REMOTE ACCESS VPN

    Patricio Gómez
    Patricio Gómez
    Hello, good morning, my vpn connect is something strange, apparently when I connect it to my laptop and connect to another network the vpn grabs me, but the users who install the vpn connect, I enter their credentials, it looks like the image, they are…
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • Connecting to VPN ignores all local DNS setup

    Matt Tyree
    Matt Tyree
    I have some services running on a local server behind a reverse proxy and those services are protected from access outside IP subnets not specified in the reverse proxy settings. In my local router, I have the addresses for all these services listed…
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • VPN on Android, can access LAN by IP but not Name

    Joe Schmoe
    Joe Schmoe
    On my phone connected via OVPN I can access local network resources by IP but name resolution won't work. VPN: SSL VPN (remote access) I have Policy Members setup Use as default gateway is on Permitted network sources IPv4 is set to my local LAN VPN…
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • How to find out IP-Adresses of incoming ipsec vpns at sophos xgs firewall

    msw_fisit
    msw_fisit
    We have a sophos xgs with several ipsecn vpns site to site running. the Sophos XGS is responding to some VPNs that are without fixed public ipv4 adresses. One VPN incoming has no fixed static ip adress, but i need to enter that ip-adress at xgs to…
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • VPN SITE TO SITE

    Patricio Gómez
    Patricio Gómez
    HELLO GOOD AFTERNOON DO YOU KNOW WHY THE VPN CANNOT CONNECT AND I AM CHECKING THE RULE BUT THERE IS TRAFFIC AND THIS IS THE RULE
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • Passing IPsec networks through SSL VPN

    Lais Medeiros
    Lais Medeiros
    Dear, I have a site-to-site VPN between a Sophos XGS87 and a fortigate. I need SSL VPN users on my Sophos to have access to remote networks from this fortigate. Local networks on the Sophos XGS87 side: 10.40.85.0/24 10.50.85.0/24 Sophos SSL VPN…
    • Answered
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • Sophos Connect - SSL VPN not working

    Lennart Siekmann
    Lennart Siekmann
    We are having an Issue with the VPN Connection of a single Client. Users are authenticated via AD, the Sophos Connect Client and Config file was downloaded from the Sophos VPN Portal. When starting the VPN Connection it loads forever until it eventually…
    • Answered
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS Site-To-Site SSL VPN will not auto connect after reboot

    Mook Sin Siew
    Mook Sin Siew
    Hi, We have a Sophos XGS 107 (Client) connecting to another unit XGS 2100 (Server) via Site-To-Site SSL VPN. We noticed the Site-to-Site SSL VPN will not auto connect after the Client unit get restarted When it happened, we manually on/off the SSL…
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • Captive portal on branch site with RED on standard/split setup - update

    Sagar Ghosh
    Sagar Ghosh
    We have a community post 5 years ago regarding Captive portal on branch site with RED on standard/split setup. The answer was that is not possible because, in Standard/Split implementation, the internet traffic is routed directly from the RED to the…
    • Answered
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • VPN IPsec site to site between Sophos and Seqrite UTM

    Sunit Thakur
    Sunit Thakur
    I have created VPN IP Sec between Sophos xg136 and Seqrite Terminator UTM after some time vpn auto disconnted and send below log error. And manually have to conect. Couldn't parse IKE message from 47.X.X.X[38049]. Check the debug logs. Traffic…
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • Sophos Home to replace Arista Home Pro

    James Pifer
    James Pifer
    Hello. I'm looking at replacing my current Arista Home Pro with Sophos Home. A couple important features I use are TunnelVPN and Bypass. Can Sophos do a site-to-site vpn to Torguard ? Can you control access through the VPN by rules, ie source address…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • SSL VPN access condiitonal access (etc like Checkpoint VPN)

    Georg Zoeller
    Georg Zoeller
    Hi everyone, been curious lately, is it possible to have something like checkpoint conditional access (like is windows up to date, is defender/antivius activated and so on) before allowing to the vpn gateway. And im not talking abou ZTNA since that…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Sophos VPN Client - disable autoconnect when in local network

    Kam
    Kam
    Hi all, I'm struggling with setting up Sophos VPN Client on user's Windows computers. What behaviour I expect is to automatically connect when user connects any network except internal LAN/WIFI. So if users is turning on the laptop at home and…
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Sophos Connect: MFA box parameter in .ovpn files?

    Quallensaft
    Quallensaft
    Is there any way to activate the MFA box at login in Sophos Connect direct in a .ovpn config (no provisioning)? I guess with provisioning the firewall will also only create a .ovpn config with a parameter for MFA. client dev tun proto udp verify-x509…
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Remote access SSL VPN with certificate only based authentication

    cicro
    cicro
    Hello! I know that a few years ago there was a feature request on the currently retired Sophos's ideas portal, regarding remote access SSL VPN with certificate only based authentication, for Sophos XGS firewalls. Does anybody know if it's possible right…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • help to configurate IPSec VPN sophos xgs136

    Davide Filippi
    Davide Filippi
    Hello everyone, I need help setting up an IPsec VPN. My provider gave me these parameters: Remote Gateway: <public address A> Subnet: <range of public addresses B> Phase1 and Phase2 parameters that I know it have to match Firewall XGS136 I…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Sophos Connect - Problems with activated IPv6 on Client

    bmu
    bmu
    Hello, we're using a Sophos XG 135 in Cluster as VPN-Endpoint. On the client side, we're using Sophos Connect with a provisioningfile. If a client gets a IPv6-Lease (on the WiFi-Adapter in Windows, for example), users can't connect with Sophos Connect…
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Site-to-Site VPN Problem Invalid SPI

    Trio Fandi
    Trio Fandi
    Hi, We are using Sophos Firewall XG310 , SFOS v20. It's been 4 month we have established Site-to-Site VPN, and today suddenly our connection is Down with many " Received IKE message with invalid SPI (D3EED417) from the remote gateway " log messages…
    • Answered
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • Very slow web admin access from RED network

    LMSIIATO
    LMSIIATO
    Hello everyone, I have a central xgs 2100 firewall with 5 RED devices connected. When I am in one of the networks managed by a RED and I have to access the firewall's web admin, the connection to the web admin is excessively slow and impossible to use…
    • 9 months ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>