We are a medium sized automotive dealership group with 11 locations all with a connection back to a centralized XGS2100. A few of the stores are on the same campus and are connected back to the XGS2100 via private buried fiber each having their own port…

Planning roll out of Sophos Connect 2.2 for an SSL VPN against an XGS135, v19.5.1 MR1. Description of check_remote_availability in the .pro file is vague in Provisioning file - Sophos Firewall : " Performs a remote availability check at connection startup…

Hello, We are monitoring VPNSSL for security purpose with snmptraps. It's working, but in the text send in the trap by the sophos firewall, we don't have the real public client ip address. Here is an example : 20230308.100302 UDP: [XXX.XXX.XXX…

Hi, i got an issue with a Windows 11 client. The Sophos Connect client using an existing IPsecVPN connection doesnt connect anymore. On investigation i figured out, that the client connects one time after reboot - if i disconnect the session and…

Hello, I have a problem with an Upgrade on the XGS2100. at this Moment i have running SFOS 18.5.3 MR-3-Build408 on the XGS2100, on the SG115 9.713-19. When i Upgrade the XGS2100 to SFOS 19.0.1 MR-1-Build365 the Site-to-Site IPSec VPN don´t let any…

Hello, we are currently testing 2FA with our XG v 19.0.1 and also some VPN changes. Now every user has to download his personal config file from the user portal so he can connect. Is there a KB or something else where it is written WHICH option(s…

Hi all As per the subject we are busy testing to see if we can establish a site to site vpn tunnel between our on prem Sophos firewall and a newly created virtual Sophos xg firewall in Azure but we cant seem to get the tunnel to come up. So firstly…

Hi, I have XGS-126 as IPSec VPN client, calling Draytek router as VPN server. I also tried to reverse sides , but the problem remains the same. From time to time, very randomly, it might be once every 2-3 weeks, or even so frequently like 4 times…

Hi, I currently have a Sophos XGS 136 running SFOS 19.0.1 There is also an SSL VPN service that is running. Users are able to connect with either Open VPN (2.4.9) or Sophos Connect 2.2.75 without any issues. However one of the users upgraded to Open…

Dear all, We are struggling with the generated .opvn Connection files users can download from the user portal on the WAN ports for VPN we do not know and cannot find it in the online help, how they are created. our setting: XGS 3100 Firewall, Firmware…

We have 2 XGS 2300 (HA mode) with firmware 19.0.1 MR365, We tried to configure a rule for ssl vpn user with option "Block client without heartbeat" checked". Rule matchs also for clients wihout endpoint installed. We tried KB-000038254 without luck…

hi i am running a XG SFVH on FW SFOS 19.0.1 MR-1-Build365. I have successfully added a RED15w, but how do i manage the wireless - nothing is showing up under Wireless. It seems to be a bug, but since this is a "home edition" sophos is rejecting my…

Hey, since we upgraded from SFOS 18.5.4 to 19.0.1 we can no longer see the source IP a SSL VPN user connected from in the VPN logs. It simply shows nothing or the LAN IP Address of the Firewall in the SSL VPN IP-Range. We only see the real source…

Hello Community, We have XG330 at HO (Previously working on 18.5.3 - recently ipgraded to SFOS 19.0.1 MR-1-Build365 ) and a mix of XG106 and XGS107 at locations with SFOS 19.0.1 MR-1-Build365 We had configured IPSec Tunnel with BGP over RBVPN…

SSL VPN ISSUE Version - SFOS 19.0.1 MR-1-Build365 VPN is connected but Issue faced. 1 . SSL VPN Gateway Is reachable. 2 .Network that are in sophos Firewall are reachable (Port-1 -- 192.168.100.1/24 -- Server = 192.168.100.10/24) Interface IP address…

Hello - I was just on the phone with a Sophos tech troubleshooting our site to site IPSec tunnel from a remote site to the main site. Its been working fine for years, up until the last week or so, where some traffic seems to go in the tunnel but never…

XG firmware: SFOS 19.0.1 MR-1-Build365 Hello, Internet access in the SSL VPN full tunnel breaks off after about 15 minutes during use. Only the firewall management page can be accessed. Internal servers or IPs cannot be reached! Nothing can be seen…

Hi all, I have two site (HQ & Bo) with vpn ipsec link HQ: XG330 (SFOS 18.5.4 MR-4-Build418 BO: XG86w (SFOS 19.0.1 MR-1-Build365) Until yesterday, everythings works well. Then I noticed the problem of the vpn connection I check all configs, no…

XG firmware: SFOS 19.0.1 MR-1-Build365 Users running the legacy SSL VPN client are seemingly ok. This is only affecting 2 users using Sophos Connect. The VPN doesn't show as disconnected to the end user but I can see termination entries in the SSL…

Hello, I have XGS2300 running (SFOS 19.0.1 MR-1-Build365). I have a question about the provisioning file and imported connections. Whenever I run the provisioning file I always get IPsec remote access connection imported even though my group isn't in…

My red device is installed as standard/split and is connecting to sophos. Uplink is green. Split networks defined. At the same time, the departure and return rules are also smooth. But i have a different problem. When I ping the RED's local IP address…

Hi all, I meeting a client tomorrow to tshoot his bad experience with internet connection speed when connected to Remote SSL VPN. I'm not an expert so I've made some research and found few things that I check/test. Appreciate any advise that could…

Hello guys, we have a Sophos XGS 3300 cluster (1 9.0.1 MR-1-Build365) and are using Sophos Connect Client for our HO users. All users have an IPSEC and and a SSL VPN profile in the connect client. In the future we want to use the provisioning file …

I have a Site to Site (XG is server) and before upgrade all work for year. After upgrade randomly (i think this happen on night for some sevice restart maybe?) the firewall not use the Tunnel to Route the traffic The VPN is working from the other…

Hello, XG210 (SFOS 19.0.1 MR-1-Build365) I setup an SSL VPN profile, while using a backup/failover IP (so I could configure remotely) Now, each time I download the config file, it chooses to use failover IP instead of the main WAN IP. The only…