Hello Sophos Community,
We purchased the Sophos XG series to replace our use of Cisco ASA firewalls. We've been generally satisfied with the change. However, the last remanant to repplace the ASA completely is User VPN access.
The Cisco AnyConnect client connection tot he Cisco ASA follows our requirement to use MFA for our users. When the user becomes idle and the timeout has passed, the user is disconnected from their VPN session.
I have tested many configurations with the XG -> Remote access VPN -> IPSEC settings and the Sophos Connect file to prevent Sophso Connect client from retrying the connection, thus inundating my testers with MFA challenges until the eithr accept or cancel the request. Until it the timeout aoocurs again anad again. I can't deploy this solution to my users without causing undo stress to them and the support team.
Does anyone have a working IPSEC settings page and Sophos Connect config file that does not try to reconnect after the timeout has been reached? Please share so we can kick the ASA to the curb.
Thank you,
John
This thread was automatically locked due to age.
