Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 3 subscribers
  • Views 5025 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Connect disable option to save credentials

Albeck

Hi folks,

with the EOL of the Sophos SSL VPN Client, i will migrate all my VPN users to the new Sophos Connect client.

With the old client the users were always prompted for their credentials upon vpn connection initiation.

On the new Sophos connect client it s possible for them to store their credentials, which I don't like and think is bad in terms of security.

Is there some option or possibility to disable this?

I found in this Sophos doc an option for a provisioning file, but I think this will only work with the XG Firewall. Also (auto)provisioning is not possible with UTM, so a registry setting, ovpn config file editing or similiar would be great!

(https://docs.sophos.com/nsg/sophos-firewall/17.5/Help/en-us/webhelp/onlinehelp/nsg/sfos/concepts/SConProvisioningFile.html)

Thanks!



This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to LuCar Toni

    Sure, no problem if it is fine for you. I am not going in a principal discussion on this one.and would prefer to go back on topic.

    I plainly asked if there is a way to disbale it. And since there is an option for XG it should somehow be possible.

    Thank you for your input.

Children
  • 0 in reply to Albeck

    As far as i know, it is not possible with a UTM. You need to migrate to SFOS to use this feature, as it is a feature of the .pro Config file. This .pro does not use openvpn, instead it uses a connect to the firewall (SFOS) and generate/download the config file for the user. 

    UTM only use a per user config file (ovpn). 

    And i came up with more examples to my point: What about Azure AD. It stores your password and reuses it with cookies to resign in. Is it insecure? 

    __________________________________________________________________________________________________________________

Unfiltered HTML