If I have to disconnect SSL VPN User Sessions, it would be fine, when I have a button.

Currently only one CLient SSL VPN connection is allowed at any one time to Sophos firewall (UTMs). Suggestion is for muitiple connections. Reason is we do off line backups to customer sites via VPN but currently can only do one at a time. We have several customers who require us to do these backups.

Use Coupon code: BFCM20

URL: https://fastestvpn.com/lifetime-special-deal

FastestVPN offers a smart, easy-to-use service for all devices including Windows, Mac, iOS, Android, Smart TV, and your router. As the name implies, this high-powered VPN operates with 99.9% uptime and gives you access to more than 350 high-speed servers

Features:

Restrictions: for use by up to 15 users
350+ servers in 41+ countries
Unblock USA Netflix, Hulu, BBC iPlayer & Disney+
Unlimited bandwidth
256-bit AES encryption
Zero logging
Ad blocker
NAT firewall
Anti-malware
24/7 technical support
Unlimited server switches
Internet kill switch

Sophos does currently not support the VPN Connection of iOS devices due to incpmliant key length in Certificates. Apple devices expect 2048 Bit. Please upgrade the WebAdmin CA.

SSL-Site-to-Site-VPN uses the same IP pool as SSL-Remote-VPN. This leads to problems if the UTM acts as an SSL-Site-to-Site-VPN-Master and at the same time as an SSL-Remote-VPN-Master.
By using the same pool, packets from the respective VPN systems are routed incorrectly. For example, packets from the remote VPN can be routed to peers in the Site 2 site tunnel.

Hello,

I'm using SSLVPN and am getting "Bad compression error" as mentioned in below post:
https://community.sophos.com/products/xg-firewall/f/vpn/100669/ssl-vpn-bad-compression-stub-decompression-header-byte-102

Downgrading OpenVPN client to version 2.3.10 solves this issue.

As discussed with Sophos Escalations Team, raising a request here to upgrade OpenVPN server of Sophos to make it compatible with newer versions of OpenVPN client.

Ubuntu 18.04 onwards ships with newer version of OpenVPN client and its older versions are no longer supported on Ubuntu 18.04 onwards. Hence, it would great if this can be done at the earliest.

if you have one time password (OTP) turned on and you reach key lifetime which by default is 8 hours the VPN kicks you out because it tries to re-authenticate with the old OTP password - new versions of openvpn have fixed this - a work around is to adjust the key lifetime which decreases security

FastestVPN was formed in the Cayman Island in 2017 and instantly became a success, their renowned features made them the best VPN for Android users, and their formidable security protocols, also named them as the best VPN for IOS users as well!
https://fastestvpn.com/download/android-vpn

hi all,

I would like to monitor via snmp users vpn sessions, ie there bandwith and the user logged on at any given time on my utm 9 device.

thanks,
Rob

If a user is deleted from the UTM and the account was in use for SSL VPN, his user certificate should be set to a certification revocation list.
The SSL VPN service should use this revocation list to avoid using old certificates from accounts that were created on the UTM with the same name. This is currently possible, 05/2020.
The UTM does not maintain revocation lists for users and the SSL VPN service does not use this capability, although OpenVPN offers it.

I'd be nice if you would include WireGuard in your suite of server-side VPN protocols in your UTM line.

When clients connect via the SSL Remote Access VPN, you should have the option to assign IP Addresses via an internal DHCP server and not only from the UTM Virtual IP Pool. This is currently available with PPTP and L2TP over IPsec but not with SSL VPN. Companies need to have more control over the IP addresses and leases assigned to clients that connect via the SSL VPN.

Customer is requesting to have restriction for the machine to log in on remote access vpn if it do not have any sophos agent installed on it. For your assistance please

Hi, Please include generate email notification alert for Remote Access VPN option in Sophos UTM 9. This help us to know who and where they connect.

Currently, the Amazon VPC setup does not support the new Transit Gateway in AWS. When you attempt to import via config file or secret key it errors out with a Regex error.

I went up the whole chain of premium support and the GES Engineer let me know it currently isn't supported.

As Transit Gateway is the future of Inter VPC & S2S networking this would be nice to have supported.

Please block Star VPN. It is connecting on the user machines and they can browse freely.
Thanks