Hi,
I have used the old SSL traffic light client for years now and it works fine. I am migrating over to XG and decided to give the Sophos connect client a go especially because it now supports Auto-connect for SSL VPNs. This is a big plus as with a lot of people working from home, people never bother to connect the old VPN
The auto connect feature works great. I can save the user credentials and therefore it will seamlessly connect when outside of the corp network. However I am having issues with it "auto disconnecting". If I shutdown or sleep and then connect to the corp LAN then the auto connect pings my server and doesn't connect because it is on the LAN. However, if I swap from an external network to the corp LAN without rebooting, sophos connect will simply remain connected even though it is on the LAN.
Is there some kind of timeout before the client disconnects during which time if it can reconnect to a new network again, it doesn't perform the local host LAN ping check? I realise that in the real world, a user wont have two network leads - one with an external IP and one that is on the corp LAN and be swapping them over within a few seconds of each other but it is possible that they could be on a guest wifi or hotspot and then connect onto the corp Wifi very quickly.
I really want to avoid having users on the corp LAN still connecting over the VPN and therefore using resources on the firewall and also having a slower connection due to the VPN overhead. With my existing setup on the UTM, I block VPN port on the LAN network so the users can't connect from within the network. However this causes its own issues as if the VPN is half connected (ie still trying to reconnect when they bring the laptop from home back into the office), the route tables aren't cleared and they can't access network resources.
This thread was automatically locked due to age.