Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 6 subscribers
  • Views 1383 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Connect Client does not ask for certificate password on connect

starfish4711

Hi,

I've just performed a short test of the current Sophos Client as IPSec client of our UTM (certificate-based).

Setup worked fine, but what wonders me: the client does not ask for the certificate password on connection start. It did ask one time only when importing the connection profile, that's all.

That means: this way everyone who can access a client computer with the Sophos client installed could establish a VPN connection to our network (please don't let's discuss that foreign people should not gain access to such a computer in the first place)! 

Is this working as designed or is this a bug? Is it possible to change this behavior (best case: not on each client computer individually)?

Or do I have to use xauth/otp to make this client safer?

Thanks in advance!
Regards
Frank



This thread was automatically locked due to age.
Parents
  • 0

    Hallo Frank and welcome to the UTM Community!

    The Sophos Client is in broader use on the XG platform, so you might also want to post/look there.  That said, I always like using OTP.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0

    Hallo Frank and welcome to the UTM Community!

    The Sophos Client is in broader use on the XG platform, so you might also want to post/look there.  That said, I always like using OTP.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • 0 in reply to BAlfson

    Hello Bob,

    thank you!

    I understand that the Sophos client is intended for the XG firewall in the first place. But as it can be used with UTM also, I have placed my question here, to avoid getting answers which relate to configuration options that only XG might have. :-)

    Basically it should be an easy task for the client to *not* store the password...

    Cheers, Frank

Unfiltered HTML