Ran into an issue this past week I want to make sure everybody has a quick answer to. The "Sophos SSL VPN Client" would connect and give the green status light, yet when you looked none of the routes were allowed to be executed. Even if the user was a local machine administrator it would fail.
Sophos UTM 9.3x using SSL VPN and the Client Laptop (Windows 7 Pro w/ SP1) was unable to properly connect after a reboot. When they first installed the application it would work, but then the next reboot cycle it would not.
Ended up finding the "OpenVPN Interactive Service" was failing to start upon restart. After a lot of tracing and testing I found the following services on the Client Laptop from Lenovo to be the issue:
FastbootService
HyperW7
Both of these services are related to Lenovo's optimizations to allow Windows 7 to boot time to be decreased by tweaking how things start and/or are paused. Apparently Lenovo ThinkPad & IdeaPad products with the "Enhanced Experience 3" (EE3) badge have this software preloaded.
Without disabling these services I was running into numerous cases where the "OpenVPN Interactive Service" would intermittently timeout upon boot. At first I just tried disabling the "FastbootService" and found after numerous restarts again the "OpenVPN Interactive Service" timed out (#8 after seven successes). Digging further I found the time it failed is when "HyperW7" also did not start (it was Automatic at the time). So I disabled "HyperW7" and tried 12 more reboot cycles without any further issues with the "OpenVPN Interactive Service" starting on boot.
After disabling these Lenovo services a Standard User of the Laptop has no issues with using the Sophos SSL VPN. The "OpenVPN Interactive Services" properly starts and therefore allows the connection to update routes accordingly.
This thread was automatically locked due to age.
Guest User!
You are not Sophos Staff.
