Since the last Update Windows 10 and Sophos VPN doesn't work

Yes. The VPN client is not getting pushed the route to your internal network. See this thread for a temporary solution: community.sophos.com/.../294417

Yep. I implemented a temporary workaround by changing /var/sec/chroot-openvpn/etc/openvpn/openvpn.conf as such:

# push 'route-gateway 10.242.2.1'
push "route 0.0.0.0 0.0.0.0 10.242.2.1"

And then ran:

/var/mdw/scripts/openvpn restart

Reconnected the SSL VPN, and all is well.

Unknown said:

Yep. I implemented a temporary workaround by changing /var/sec/chroot-openvpn/etc/openvpn/openvpn.conf as such:

# push 'route-gateway 10.242.2.1'
push "route 0.0.0.0 0.0.0.0 10.242.2.1"

And then ran:

/var/mdw/scripts/openvpn restart

Reconnected the SSL VPN, and all is well.

You are a star. Won't this set the default route, though, and make *all* requests go through the tunnel? I modified the command to just route requests to the remote internal subnet:

push 'route 192.168.5.0 255.255.255.0 10.242.2.1'

Hi All,

Please refer the link below, hope that helps:

https://community.sophos.com/products/unified-threat-management/f/58/t/55773

Thanks

Matthew said:

Tim Dufrane

Yep. I implemented a temporary workaround by changing /var/sec/chroot-openvpn/etc/openvpn/openvpn.conf as such:

# push 'route-gateway 10.242.2.1'
push "route 0.0.0.0 0.0.0.0 10.242.2.1"

And then ran:

/var/mdw/scripts/openvpn restart

Reconnected the SSL VPN, and all is well.

You are a star. Won't this set the default route, though, and make *all* requests go through the tunnel? I modified the command to just route requests to the remote internal subnet:

push 'route 192.168.5.0 255.255.255.0 10.242.2.1'

Hi Matt,

Yes, that will cause it to become the default route. For my situation that's the desired effect. The basic command, as you found, can get as granular as you want with multiple routes. However, keep in mind this will apply to all users - if you have specific users who need more specific routes, their individual configs can be modified through /var/sec/chroot-openvpn/etc/openvpn/conf.d/username.

Unknown said:

Please refer the link below, hope that helps:

https://community.sophos.com/products/unified-threat-management/f/58/t/55773

I don't think this is the same issue, though I would be happy to be corrected. Anything to provide an easy fix.

Hi

Very sorry for the troubles caused.

This issue is being caused by users being configured multiple times in one remote access profile. So, if you configure Joe directly and Joe is also member of a group which is configured for the same profile you run into this bug. It is also triggered by the same user being member of multiple groups which are configured for SSL VPN remote access.

You can fix the issue by removing the duplication and configure each user only once. I know that might be difficult with backend groups or comlex setups, but maybe it works for you. We are investigating what caused this regression.

d12fk said:

This issue is being caused by users being configured multiple times in one remote access profile. So, if you configure Joe directly and Joe is also member of a group which is configured for the same profile you run into this bug. It is also triggered by the same user being member of multiple groups which are configured for SSL VPN remote access.

This issue happens (for us, at least) even when the user is *not* configured multiple times in the same remote access profile.

In my case the problem was the username with "ö".

In the last years there was no problem with it.

regards Peter

Matthew said:

This issue happens (for us, at least) even when the user is *not* configured multiple times in the same remote access profile.

I've heared (but have not checked) that the issue also happens when the same user is configured in two or more profiles.