This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM 9.710

So, with the release of update 9.710, the SSLVPN client is being removed from User Portal.

Before that happens - I have some questions regarding this update.

  • With removal of this client from the User Portal, do existing clients still work if they are already installed on client computers?
  • Has Sophos Connect DNS bug issue been addressed and fixed?  Before that client touches my computer(s), that has to be addressed, as I VPN into more than one UTM location.

Thanks.



This thread was automatically locked due to age.
  • So, I bit the bullet, and updated to 9.710.  I had SSLVPN client already installed on my laptop, so I tried to install Sophos Connect along with keeping SSLVPN Client.  Sophos Connect wouldn't install so long as the existing SSLVPN client was installed.

    And, obviously, the Connect client hasn't been updated to 2.2 yet, so yeah there's that 'other issue that shall not be named' with 2.1.  Expressionless

    In case anyone was wondering, as no one had replied to my own questions. ;)

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • Well, that's a good! (Not realy).
    I wonder if Sophos has thought about how long companies might need to roll out a new client without shutting down the old one.
    Unbelievable this procedure :-(

  • and keep in mind all the password issues the Connect client has. Check out the XG forums...

  • Yes, I was really, really hoping that Sophos would have handled this much more differently.  At the very least, get 2.2 client out before forcing this on to the customer base, or at least allow the SSLVPN client to continue to be used if it were already installed.

    One of the more disappointing issues, but I've been disappointed before... won't be the last time.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • Hi Amodin,

    in the KB about the EOL of the SSL VPN Client, it is stated, that the "old" client will continue to work.
    https://support.sophos.com/support/s/article/KB-000043484?language=en_US
    Have you double checked that after updating to 9.710?

    With the "DNS bug" I guess you mean the inablility to have multiple configured VPN connections (different useres) to the same DNS address?
    I have to say, that this is a real bummer and is present in the current 2.1.20 version.
    But multiple different DNS destination do work.
    However I can not tell if simultaneously. 

    What will be the changes for version 2.2?

  • It stated that, but the client wouldn't connect any longer for me and I really didn't have the patience to go looking for the issues, especially if the client is EOL (frankly not worth my time). So, I went ahead with the update, just for the sake of actual CVE issues being addressed.

    Aside from that, you can't use Sophos Connect and the SSLVPN client on the same machine.  Okay, I get that, they essentially do the same thing. Thus, my concern for the DNS bug that you mention. That could have at least been updated prior to forcing the client in 9.710. My understanding of the changes in 2.2 will address the DNS issue, but I don't know what else will be added.  

    I can't connect to the other remote location with this new client yet, and that will take some research which is worth my time but will have to wait a while after my other projects.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • Wait! What?

    The old client does not connect to 9.710 anymore?
    Can you confirm this?

    If this is true... omfg!

  • You can only use 1 VPN-Client on the same machine (because of the identical network adapters for the VPN-Client):

    So you have to decide: Old SSL client OR new Sophos Connect Client.

    If you just need Sophos Connect for IPSec VPN you can use old Sophos Connect Client V.1.X for IPSec and still use old SSL-Client together on your machine... ;-)

    regards

  • Can someone confirm or decline if the old SSL VPN Client still works after 9.710 update? We won't afford updating to Connect client atm.

  • I just connected to a UTM on 9.710 using the old SSL VPN Client