Hi There, First of all the Windows Server is not part of a domain it's just in a workgroup and had no domain name associated with it. The Sophos UTM9 is at 192.168.16.1 on the internal network, the UTM is providing DHCP, all 192.168.16.xxx numbers…

Hi I tried to install the SSL VPN client that I downloaded from the user portal and "run as administrator". But it failed to install. Any thoughts? It's been years since I have installed this client last I heard there was a updated client you needed…

Hello, We recently had to move buildings quickly and as a result our ISP isn’t in place yet. As a work around we’re using hotspot to a windows 7 box, configured ICS and then sharing that connection to the clients and VPN to connect to resources. However…

Good afternoon folks, I hope someone can help me here... We use SG210 Firewalls and have a 'guest' wifi set up on it with no content filtering on it (the policies are all set to allow all traffic our). However I had a visitor here the other day who…

I have to create a tunnel between our sophos utm 9 and a remote linux libreswan. Here is a table with the proposal from the remote site (libreswan on the left) and which setting I tried to match on our side (sophos on the right) libreswan…

Hi guys, I have a site to site ssl vpn connection that is working great. I have an SG105 that captures all traffic (lan or wan) from its clients, and forwards it on to an SG310 at our main office. When the tunnel fails, I want devices on the SG105 to…

Hello all, I have established an IPsec tunnel between two sites using a pair of UTM9 appliances. I can ping between subnets on both sides. However, as soon as I try SSH or HTTP to services on the remote subnet communications fail. I have checked the…

please can you help me in solving this problem am having new sohpoe firewall and i tried to setup site to site vpn with another old one this error comes out sent MR3, ISAKMP SA established 2018:05:15-16:58:17 pluto[25761]: "IPSEC" #4: responding…

First of all sorry for my ignorance but I would like to know what exactly afcd does, I couldn’t find any information about it in the help and the forum. My problem is that it seems to limit my VPN speed by using all the cpu and it would be great if I…

Hi I have a issue with CA, I did configuration the Access Remote SSL and Install the Profile of the User in windows 10, but the connection SSL is not work. I see a log of client and seems to be CA is not reading in the work station. Could…

Hello. I have a "simple" issue: i need to build two ipsec tunnels in which the destination is the same subnet, so my question is about the route precedence in case i make a more narrow tunnel(or even a host tunnel) on one side to solve this. for…

I have had a Site to Site IPSEC connection established for years and all of the sudden it has stopped passing traffic... Both systems UTM 9.509-3 Here is a tcpdump of the source (Respond only GW) UTM ipsec connection: here is a tcpdump of the…

Hi all, I am experiencing a very strange behavior with an IPsec tunnel between a customer's site (Checkpoint) and our UTM9: It seems to me that every evening at the same time our customer kills all IPsec connections - somewhat ungracefully. Then…

Hi. Can you help me with this problem that appears in VPN configuration: 2018:01:23-17:04:57 shopos_amazon pluto[7027]: packet from xxx.xxx.xxx.xxx:500: Quick Mode message is for a non-existent (expired?) ISAKMP SA 2018:01:23-17:05:23 shopos_amazon…

Previously had an IPSec VPN working between these two devices, after changing WAN address of the UTM pair, will not re-establish the link. PSK has not changed and I can see attempts on port 500 reaching us, but they reportedly can't see us trying to reach…

Howdy :) I'm a recent convert from PFSense. I now use Sophos UTM 9 (9.506-2) on the same hardware (Supermicro A1SAi-2750F - so an Atom C2750 SoC) I have a 100/100 Mbps Internet link. Everything works very good, as expected. Everything except Remote access…

Just had my first failover situation. My main fibre connection went down and the failover using LTE (mobile broadband) worked. Dyn DNS was also updated after failover. However, I couldn't connect SSL VPN. My UTM (v9.505) is configured to listen on SSL…

Hi Guys I'd be appreciate if someone help me with this crazy (yet should be well easy) IPSec Tunnel between two FWs. I followed this dude's vlog, but i got no luck yet.. This is what I see from IPSEC VPN* log from Webadmin portal of UTM9 ... …

Hi! I can't get my SSL-VPN to work, I followed Sophos own guide for setting this up, only changing the port. See below for settings. The log outputs the following: 2017:11:10-14:47:05 openvpn[25581]: TCP connection established with [AF_INET…

Is there any problem with installing the Sophos IPSec client (11.x) and the Sophos UTM SSL VPN client on the same computer? Is there any conflict between the two clients? Only plan to make a connection with one client at a time. I just wanted to know…

Hi , I have a problem with Sophos if you have possibility to help . I have a VPN Site to Site over MPLS , but the problem is with Sophos Firewall traceroute shows same hop several times Can you help to fix that? Do you have any idea if exist on…

Hi, We have UTM 9 (9.501-5) deployed in AWS for VPN purposes and it was working fine for about 1 year, but since a few weeks now we're having major problems. Every day the VPN becomes unresponsive and in the openvpn.log files we see thousands of lines…

Hi all, We use Sophos UTM V9 for a lot of things and have always been very pleased with the quality and supported features. In the past, we also used Sophos UTM for a site to site IPSEC-VPN tunnel to a virtual network on Microsoft Azure. Not anymore…

Hi, I have got the SSL VPN working great on a remote Win10 laptop, it gets assigned and IP address and I can access local resources as I should. Locally we have some websites/software that needs access to specific IP address that are routed out via…

I'm trying to wrap my head around a Problem that a customer of ours brought up to me. He has a Central-IT that has a 100M syncronous Line with static IPv4-Adress(es) and a 50M V-DSL Backup-Line with a dynamic public IPv4-Adress. In the central office…