Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 6 replies
  • Answers 2 answers
  • Subscribers 30 subscribers
  • Views 974 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Client Connect - run_logon_script yes/no (Not working)

tomrgsd

When I download the .ovpn file from the user portal and open it in a text editor, there is line that says run_logon_script no. I tried just setting that to run_logon_script yes, but it does not have any affect. Looking for some assistance getting this to work. From what I've read this should run the login script that is populated in the users AD profile Login Script. If I manually run the command after connection, it works. I need it to happen as part of the VPN process. Any help is appreciated.

Sophos Connect service 2.2.75.0506

strongSwan service 5.95

OpenVPN service 2.5.6.0



This thread was automatically locked due to age.
  • 0

    Hello  ,

    Thank you for reaching out to the community, for the reference you can use the following KBA - Create and use a sign-in script for deployment: https://support.sophos.com/support/s/article/KB-000033337?language=en_US

    And it’s only possible to run scripts when the computer is added to a Domain.

    The logon script needs to be stored on AD in directory C:\Windows\SYSVOL\sysvol\[domain].com\scripts, and yes, you need to specify the script name at the user profile and logon script. 

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to Vivek Jagad

    This is for the Client Connect VPN, not endpoint. I can confirm however that we have login scripts defined and they work within the network. They are not, however, running when the client connects to the VPN outside the network. They get connected via VPN, but the login script does not execute.

  • 0 in reply to tomrgsd

    Yup but you can as a reference for sophos connect !

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to tomrgsd

    We had/have an issue where it won't run .vbs login scripts but will run .bat happily enough.

  • 0 in reply to duggan1

    I had it as an .exe and it did nothing. I change it over to a .bat file and it is still not working. 

  • 0

    For us we have used Sophos Connect with the AD login script working for a few years. We are setup with IPsec for it. We aren't using so much now as some of our business travelled locations have blocked VPN use and we mostly now use Triofox to just mount the company drives on PC and Mac over port 443, as they can't block that.

    I do have a couple of part retired users though that are on the Sophos Connect VPN still. I became aware that they were not getting the drives mapped anymore on the VPN and suspected the upgrade to 19/19.5.1. However I can confirm that 19.5.1 does work and with a latest export of the .scx file.

    What breaks it is the newer Sophos Connect apps! So in the versions I have tested 2.2.90 and 2.2.75 both fail to run the AD login script. I do see it still work with 2.1.20 though so grab it here:

     Sophos Connect 2.1 is now GA 

    Side note:
    I didn't have much success with the Mac version of Sophos Connect, as the DNS doesn't resolve. What surprised me was built in to the Mac network settings you can make an awesome Sophos compatible IPsec VPN using the "Cisco IPsec" template. Connects in .5 of a second!

Unfiltered HTML