This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Connect 2.3 cannot connect to Sophos UTM

I upgraded my Sophos Connect client to the latest version 2.3 ( Sophos Connect 2.3 Update Released) and since then cannot connect via SSL VPN to my UTM / SG230 obviously because of a cipher incompatibility.

Client says Timeout

openvpn.log says:

OPTIONS ERROR: failed to negotiate cipher with server. Add the server's cipher ('AES-128-CBC') to --data-ciphers (currently 'AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305') if you want to connect to this server.

I even cannot fix this because the UTM doesn't provide any of the ciphers listed behind "currently" as a cipher setting. I tried AES-256-CBC but this didn't help and instead created issues with all other users not being able to reconnect suddenly.

Any ideas?

Best regards,

Oliver Regelmann

This thread was automatically locked due to age.

Parents

0 LuCar Toni 6 months ago

Wondering: Why did your openvpn config change?

__________________________________________________________________________________________________________________
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 LuCar Toni 6 months ago

Wondering: Why did your openvpn config change?

__________________________________________________________________________________________________________________
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 Oliver Regelmann 6 months ago in reply to LuCar Toni

It didn't. I just updated the Connect client from 2.2.

Then I thought upgrading from AES-128 to AES-256 (on the UTM) would help but obviously it still doesn't like "CBC".

Seems to be a problem inherited from OpenVPN. Current releases of the Community client show the same behaviour. 2.5 seems to work, though.
Cancel
Vote Up 0 Vote Down

Cancel