we need to update to Sophos Connect due to the security flaw in Sophos VPN.
As we update - we get the error afterwards:cannot load inline certificate file
So i need to update my CA - if i update my CA every user (1000+) needs a new config file. 80% are still remote.
And now Sophos? How shall i update?
I already tried adding tls-cipher "DEFAULT:@SECLEVEL=0" to my config file. No change.
May know what security flaw are you referring to?
Also is this a 3rd party CA or the device CA?
I believe they are referring to the 9.710 update that gets rid of SSLVPN client because of the vulnerabilities that are laid out in the patch notes.
UTM - 9.713-19 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz 16GB Memory | 500GB SATA HDD | GB Ethernet x5
Yes. You are right.
We might use a workaround and deploy the newest OpenVPN community client. It works there.
Updating the old Sophos SSL VPN could not be that difficult for Sophos - but UTM is dead. We are forced to migrate to XG. But we won't.
Ok. There seems to be no more help here.
We will go with OpenVPN until Palo or Fortinet takes our money. Thank you for a long time (Astaro Customer) and no thanks for the recent time.
Does this work for you? Sophos Connect Migration script from UTM SSLVPN - Recommended Reads - Sophos Firewall - Sophos Community
No because my CA is not accepted by the new Sophos Connect client. And it does not accept my line in the conf file