Yeah and even then it will fail to connect to the server because the client encrypts the data with the shown public cert and when the server tries to decrypt the request it will fail
My university has the same sophos firewall so yours will work on mine too i think so can you share yours?
You get around this with proper firewalls/systems that require your machine to accept their cert and the firewall/system makes the request itself rather than your machine. This means DPI can see everything and you can restrict all access to require said cert or the connection fails. So even a https connection gets watched. My college did something similar but they opted for students to be able to use things like VPNs and what not freely.
No xD
You shouldn’t share your VPN config files
Yes but the VPN programm reads the cert and encrypts the traffic besides https and sends this so if the server tries to read it it will fail and wont connect