I have used an SCX file edited with Sophos Connect Admin to disable the tunneling of all traffic through the remote network. Problem is, using that scx file on a guinea pig laptop leads to "Connection may fail because IKE UDP Port seems to be blocked" errors and a failed connection. So I want to start with the working .pro file provided by our IT firm...
Our outside IT firm is moving us all over to Sophos Connect since the old VPN connection method is losing support. They provided us with a .pro file. Looking at the doc page for .pro files, it doesn't appear there are many options.
I see the .pro file options are wrapped in [], but otherwise a lot of the options in it are the same as the scx file. Sophos Connect Admin cannot read the .pro file directly, but if I remove the square brackets it can.
Can the .pro file be edited with Sophos Connect Admin to remove tunneling all traffic? Otherwise, how do I make sure all traffic isn't tunneled?
File contents...
The .pro file:
[
{
"gateway": "<ip>",
"user_portal_port": 4433,
"otp": false,
"auto_connect_host": "",
"can_save_credentials": true,
"check_remote_availability": false,
"run_logon_script": false
}
]
My old .scx file looks like:
{
"name": "AP_Sophos_Connect",
"display_name": "AP_Sophos_Connect",
"domain_suffix": "ap.local",
"type": "xg",
"managed": false,
"version": 1,
"gateway": "<ip>",
"vip": "0.0.0.0",
"auto_connect": {
"required": false,
"enabled": false
},
"run_logon_script": false,
"proposals": [
"aes256-sha2_256-modp2048"
],
"dpd_delay": 60,
"rekey_time": 15300,
"start_action": "none",
"local_auth": {
"psk": {
"id": "0.0.0.0"
},
"xauth": {
"can_save": true
},
"otp": false
},
"remote_auth": {
"otp": false,
"psk": {
"id": "%any",
"secret": "XXXX"
}
},
"child": {
"proposals": [
"aes256-sha2_256-modp2048"
],
"rekey_time": 3060,
"remote_ts": [
"10.0.0.0/24",
"<ip>/32"
]
},
"history": {
"connect_time": 0,
"connect_result": 0
},
"favicon": ""
}
This thread was automatically locked due to age.
