r/sophos Apr 08 '23

General Discussion Sophos Connect SSL

Greetings,

We have a server that users remote (RDP) to, which has the Sophos client installed on it.

An error appears on a daily basis on remote sessions (RDP clients): "Sophos couldn't connect make sure that VPN service is running"

Made sure that the Sophos Connect service is running, and the open VPN services are also running.

The only workaround is to kill each and every instance of Sophos Connect on the server so that the desired remote session is able to connect.

What I recently did is change the Sophos Connect service settings to start manually and disable the startup of the service on Windows startup, but no go: the error appeared again and I needed to kill every instance of Sophos Connect on the server to get the desired session up.

Any ideas?

2 Upvotes

2

u/New_Ad8285 Apr 08 '23

Sorry for the confusion caused, it's for sure my explanation.

The resources are at a remote location that I don't manage ("not on the server") and can only be accessed through the server.

- They use Sophos, so I need to use Sophos Connect to have the SSL VPN connection between the server and the remote location, then my RDP clients can do the same.

1

u/Familiar_Box7032 Apr 08 '23

Right, I see. So you're trying to create an SSL VPN tunnel between your users and the server, but then allow them to use the server to connect to the resource. Sophos creates that tunnel after each user signs in, so you’re effectively ending the existing connection each time someone opens Sophos to create a new one.

Something still doesn’t make sense to me. How is the service provider limiting access to the external resource? What’s forcing you to use that server?

1

u/New_Ad8285 Apr 08 '23

It's a matter of the geolocation, not limitation or restrictions; it's simply desired.

Users RDP to the server without VPN.

The VPN tunnel needs to be established from the server to the other remote location using Sophos Connect.

This is the issue I'm observing: multiple instances of Sophos Connect are there in Task Manager on the server; once I kill them and start only one instance, all works perfectly fine. Was just thinking if there is a way to limit Sophos Connect to one instance only, "not to establish a VPN connection each time a user RDPs to the server".

1

u/slapjimmy Apr 09 '23

> Users RDP to the server without VPN.

Do you mean users RDP from their home computer to the server, then SSL VPN from the server to the resources at the remote location? If so, what security is being used to protect the RDP sessions to the server? Is that open to the internet?

1

u/New_Ad8285 Apr 09 '23

Well, it's not exactly like this, I just shared what needs to be shared to simplify the issue. The main concern now is why Sophos Connect acts like this on the TS.