Good Evening All We have a Site to Site connection between the main office and the Cloud Server Site. Employees in there laptops have two SSL VPN Connections one for the main office and the other for the Cloud Site and they connect using the sophos…

Hi, I have been using UTM9 as a VPN appliance for years now with no issues until a few months ago when my Android devices can't access the network anymore. They can connect just fine, but traffic is not flowing trough the tunnel. I can't even ping the…

SG430 v9.718-5 at 100% cpu load, mostly caused by confd process due to one single SSL VPN connection that is permanently connecting (16 times per minute) and disconnecting. Seems like SG SSL OpenVPN implementation is not able to catch and limit that…

Hi, I have L2TP over IPsec VPN setup on our SG125W firewall and it's not the best as it adds a lot of overhead to the user's connection experience. So searched around on the internet and found this article for setting up SSL VPN using a RAIDUS server;…

Hi All, Thanks in advance. I tried the other solutions in the previous posts but none seemed to have worked. I tried to stop/start these services: OpenVPN Sophos connect. Strong Swan IPsec service. Also, reinstalled the client from the user…

Hi Community, i'm facing a strange problem in a sophos from one of our customers. The SSL VPN Has beenstruggeling with long first loading times in the browser, for example we go to google.com, takes about 40 seconds to load, so i thougth it was a…

Hi, i have a customer using a sophos UTM Firewall, now i' have changed the ssl profile to use a different port and now i need to push a new config file. However i'm looking for a more effective way of pushing it perhaps via gpo and sophos connect…

When i try to connect to external network using sophos connect, my wireless gets disconnected and sophos connect fails to connect. When I use a wired connection no disconnection issues at all everything works fine.

So far, SSL VPN under the UTM has worked without any problems with the OpenVPN client. In the meantime, OpenVPN 2.6RC1 has been released, which requires AES-GCM ciphers. Only with a change in the config file the OpenVPN client can still connect. e.g.…

We are planning to deploy Sophos firewall for clientless user VPN and allow users to RDP/SSH to servers behind the firewall. There will be around 2000 concurrent users. Please share the details of licensing required to support 2000 clientless VPN…

Hi, We have recently renewed our SSL certificate on our UTM 9 firewall. We have installed the PKCS12 and PEM cert and have managed to assign it to the public and private webpage, this shows correct as expected. Our SSL VPN clients aren't reconnecting…

Hi all, When a user repeatedly fails to login via VPN on our UTM, I have setup that I/Admin receive a notification about the incident and the consequently blocking of the ip. However - the notification does not contain the userid which was used during…

Hello Community, I have a problem that i face the last days. We configurated our UTM for SSL VPN the Connection goes over the OPEN VPN Client. It works all very good after some minutes 20-30 . The Client how is connect with the vpn cannot reslove…

Hallo, in einer XG 115 mit der Software 18.5.1 MR-1-Build326 habe ich unter Authentication/User mehrere Benutzer eingetragen, lediglich der Eintrag, der mit einer älteren Firmware erfasst wurde, ist in der Lage, sich noch per SSL anzumelden. Alle Benutzer…

When our company's users use SSL VPN remote access (Sophos UTM 9), customers are not isolated from each other. We do not have such allow rule. Can they be Isolated?

Hello all, As the UTM 9.705-7 we are using was setup by an MSP and at that time we had Exchange 2010, on premise as well. We've since moved to Exchange online and I handle all the Sophos items now. Lately we have random users receiving the following…

So we are going to be wanting to use SSL VPN on our UTM, but I'm having issues getting it to work. Looks as though all the X509 certs are expired and I cannot regenerate. So I tried to create a new one, but once a new one is created, it is set as expired…

Hello All, I have recently added a new NIC to my UTM 9.705-3 and found that if I disable it (bring down the interface) my remote access ssl vpn no longer connects. I did not change anything on the vpn configuration and it works fine when all interfaces…

I have a weird issue. I run an SG in our datacenter, with approx 9 tunnels to my clients (all SG or XG) and approx 30'ish ssl vpn remote access' There is one client with an SG who's tunnel seems to stop send through traffic every couple of days/weeks…

Hi Guys, I'm running the latest UTM 9 (version 9.705-3). I have the following configuration: LAN 1: 10.10.1.0/24 LAN 2: 10.10.2.0/24 SSL VPN Pool: 10.10.3.0/24 Everything works fine. I can log in with VPN users and they get allocated an IP address…

My goal: Have a usergroup in Windows active Directory Users and Computers which can connect via SSL VPN but only access one specific (git) server we host via a url, not via an IP. What I have achieved so far; the user can connect via VPN, it can access…

Hello. Now that everyone is working remotely I've encountered a few issues accessing things outside our network from the SSL VPN. SFTP (SSH on port 22) is the main one of these. It connects fine from inside the office but not via the SSL VPN. When…

I am not an expert on the Sophos UTM but I know enough to be dangerous. Recently, under Remote Access > SSL > Settings, we made a change to the port being used which required every employee using the VPN to download a new config/profile on every device…

We use SSL VPN for our user. Now we have bought a new UTM and would like to use SSL VPN for all users in the future via the new machine. The new UTM has a new public IP and a different host name. This means that we all have to migrate VPN users from the…

Hello. Since lockdown earlier in March, when we supplied all users with laptops to work from home, we have been able to connect to them via RDP as long as they have been connected to the Sophos SSL VPN. Normally, we'd connect and log in, they'd get…