Hi everybody,
this is my first post here :-). I have a problem that has been bugging me since last november. I set up a XG 125 with v18 for a new client and configured IPSec VPN using the Sophos Connect Client - split tunnel mode. So far so good. Intercept X is running on all the remote access devices (=laptops).
One important selling point was that Sophos offers the option of restricting access to devices with a heartbeart. So we checked that box in the VPN FW rule and during the initial tests there has been no problem.
We than rolled out the VPN Configuration and after some days I got reports of failing VPN connections. Pretty soon it became clear that this is due to a missing heartbeat.
So we unchecked the "heartbeat only" box and VPN has been working ever since.
However, my client insisted on turning the heartbeat only feature on - which I completely get since this is the reason he chose Sophos over other solutions.
I did research of my own, read through the forum here and contacted Sophos Support several times but haven't managed to solve the problem. Sophos and I agree, though, that it is a heartbeat problem...;-).
What's driving me nuts is that I cannot see any pattern, it's an on/off thing. It seems that sometimes the heartbeat info reaches the XG, sometimes not. It happens on Windows 10 machines and also on my own MacBook (mac OS 10.15).
The only thing that stays constant is that one user cannot connect at all when using her cable modem at home. And what seems odd to me is on the XG > current activities > IPSec Connections I can see user entrys with the local subnet and the Heartbeat WAN IP (as it should be imho), but I also see sometimes double entrys for the local subnet and/or no Heartbeat WAN IP.
One more thought I had: Could ISP devices (cable modems etc.) be responsible? Meanwhile I'm thinking of switching to SSL VPN to work around this...
So, I hope you can shed some light on this, any help is very much appreciated.
Kind regards,
Martin
This thread was automatically locked due to age.
