Hi all I’m a bit stumped.
just installed 2x new domain controllers as part of project to get 2012 server out. All gone well and working.
Added new servers to xg firewall tested and working fine.
Set as new default vpn auth providers in settings.
Removed old domain controllers as auth providers.
Vpn doesn’t work.
Download new config and it works. Put old servers back and it works.
Can’t see any reference to auth servers in config file.
Am I really going to have to call all 40+ staff and download new ovpn files? This seems ridiculous?
edit I should spefify, we’re using sophos connect here for the most part. There may be a few stragglers on the previous Sophos SSL VPN Client
Please check the authentication server for VPN under Administration, you might be using the wrong category, there are to points to change it Firewall Authentication and or SSL VPN / IPSec Authentication server
Thanks for your suggestion.
The servers were both in SSL VPN and indeed work *IF* you download a fresh config. But not without.
Just spoke with one of my colleagues who suggested downloading groups again via the new Auth Servers to see if this makes any difference.
no dice on the group import, firewall says it already exists
Well I would recommend to use Sophos Connect Client to auto-fetch the correct config because the legacy SSL-VPN client is end of life.
You dont need to re-import the groups, the authentication server looks itself for the specific group membership.
hi yes thats whats happening we just have a handful of users still who wont contact us or ignore requests. FWIW this issue affected me on Sophos Connect on my own laptop so dont believe its client specific
Looks to be solved now. Was a typo in one of the domain fields on new primary auth source which wasn’t particularly visible on the remote session I had open on small screen. Resolved on site with bigger display.
Thanks
Ah, classic, good to hear that its resolved now 
