Hi; My red device is installed as standard/split and is connecting to sophos. Uplink is green. Split networks defined. At the same time, the departure and return rules are also smooth. But i have a different problem. When I ping the RED's local…

XG or XGS with SFOS 19.0.1 is IPSec Site-to-Site Tunnel initiator. The other side is responder. Issue: Whenever I change the IPSec connection e.g. add a host or network object, change something in the securitysettings, the tunnel will terminate and…

An XG106 with SFOS 19.0.1 has a unchanged VPN Tunnel to a SG Firewall. The tunnel is up and communication through the tunnel is possible. But since the last Firmwareupgrade of the SG Firewall (9.712-13) , the XG is producing Gigabytes of errors and…

Hi, We have an established L2TP VPN tunnel that has been working for years. Local authentication on the firewall. The firewall is XG ver 19.01 MR-1 Build 365, and a copule of days ago the VPN just stopped working. Around the same time we imported…

Hello there, like the title describes, I'm currently facing or investing the problem of the sudden loss of all IPSEC VPN connection to our back offices and also both connection to our cloud provider. We made no changes before the incident and…

I have a site to site IPSec VPN between two Sophos XG both located in LA. HQ Site: SG230 (SFOS 17.5.16 MR-16-Build830) BrachOffice: XG125 (SFOS 19.0.1 MR-1-Build365) Problem: A particular site is not accessible from branch office but that is accessible…

Hi guys, I'm trying to setup a policy based site-to-site tunnel, but the traffic won't go through the tunnel. Like the tunnel itself is up and running. Per the others party policy, we had to use SNAT and the needed subnet is not private: 100.270.xx…

Hi all, i have a ipsec-connectin, but packets didn't use these: XGS2100_RL01_SFOS 19.0.1 MR-1-Build365# ip route show table 220 192.168.192.1 dev ipsec0 scope link src 192.168.179.254 XGS2100_RL01_SFOS 19.0.1 MR-1-Build365# ip route show table all…

Some trouble with .ovpn file for linux or android. After we add a SD-RED device, there is missing one "remote" IP address in .ovpn file, only TCP port. ... remote a.b.c.d 8443 tcp-client remote 8443 tcp-client remote x.y.z.k 8443 tcp_client How…

Hi there, I have a site to site Connection from a Site A XGS116 1GB/300MBit to a Site B XGS2300 1GB/1GB. First i use encryption IKEv2. With this Configuration it was not possible to work with the Shares. Click on a File with about 300 MB, a blue…

I 'am creating a VPN IPSEC Tunnel between 2 BRanchs ( partner local and eleader distant ) The distant site ( central ) forced us to use the same parametrers that he is using with other branchs , unfortunatley after setting all the configuration , the…

Hello, we have an XGS 2100 (SFOS 19.0.1 MR-1 Build365).and we tried to configure (without luck) SSL Authentication using a Windows Server Radius. We always get "authentication failed" using "test connection" button (I know that pap must be enable…

https://docs.sophos.com/nsg/sophos-firewall/19.0/Help/en-us/webhelp/onlinehelp/AdministratorHelp/SystemServices/RED/index.html For XG's on SFOS 19.0.1 MR-1-Build365 + RED firmware 3.0.008 with "Use RED unified firmware" not enabled and "Firewall RED…

Firewall Site: - XG125w (SFOS 19.0.1 MR-1-Build365), IP Range 192 - Network range: 192.168.0.X Remote Client Details: - Network range: 192.168.5.X - Sophos Connect Client Version: 2.7.75.0506 - Client OS: Win10 Pro 64bit (latest Windows…

Hello, this is not the question. This is description of one problem ... Solution is known but hidden. I decided to retell the story by other words because I still remember tries of angry users lynching me ... :-) Maybe it will help somebody We are…

Issue 1x Laptop will not complete connection to sslvpn. After filling in the user credentials for the Sophos Connect and hitting connect, the connection never complete. Firewall logs say user is connected. About one out of every 30 connections it will…

I am configuring some IPsec vpn between my client's main office and 10 branch offices. In the main office I installed a Sophos xgs116 (SFOS 19.0.1 MR-1-Build365) to replace an old Zyxel Usg 300 and in the peripheral offices there are 8 Sophos XG85 (SFOS…

XGS4500 (SFOS 19.0.1 MR-1-Build365) Our SSL VPN stopped allowing two-way communications. We can ping the VPN Client IP from inside the network. Once the client connects, the client cannot communicate to anything (full tunnel). NSLOOKUP, PING, etc. …

Hi, I had an issue in this scenario: XGS with SFOS 19.0.1 MR-1-Build365 + 2 RED60, Server W2012R2. The REDs operation mode is set Standard/unified; REDs are in a RED Zone. Each RED as it's own DHCP range (set in Network|DHCP (to be able to add static…

Hi all, I would want to make the sophos connect vpn client *not to* store the vpn profile, and download it every time. I've checked the documentation at https://docs.sophos.com/nsg/sophos-firewall/17.5/Help/en-us/webhelp/onlinehelp/nsg/sfos/concepts…

I can't make sense of this issue, any help / ideas would be much appreciated because i feel like I'm taking crazy pills <insert Mugatu> I have the following setup: XGS 2100 Site 1 (Latest Firmware) SG 115 Site 2 The sites are connected via…

Hi to all, Let me tell about the config that I'm testing: - Site A: XG 135 Rev 3 with Home Edition license. FTTH connection 1 Gbps symetrical. Network: 192.168.21.0/24 - Site B: XG 230 Rev 2 with Home Edition license. FTTH connection 300 Mbps…

Hello, from one day to another I cant connect to XQ (latest Firmware). Opebn VPN sayes (I wil post only RED sections here): Fri Sep 2 15:43:48 2022 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption…

XG Firewall version 19.0.1 MR1 build 365 and Sophos Connect 2.2.75 client are affected. After a successful IPSec connection, after a few hours, the user is unexpectedly logged out of the firewall. The IPSec connection itself continues to work, but any…

Hello Community, I have an IPsec Tunnel with the Firewall IP (192.168.0.1) on local site and a Webserver (192.168.100.100) on remote site. The Tunnel is established. On local site I have a 2nd system (192.168.0.2), that should have access to the Webserver…