Upgrade to Sophos Connect from Legacy SSL VPN Client

Updated by Bob Pankratz


In order to use the new Sophos Connect Client you will need a couple pieces of info before proceding:

  • The web address of your Sophos user portal; URL will look similar to:
  • Your ActiveDirectory username in short-form without the domain. This will be one of the following:
    Firstname, First.Lastname, or FirstinitialLastname
    This will likely be the same name are you log in to your PC with in the form of "Domainname\Username" or "Username@domainName.

  • The ActiveDirectory Domain name that you are connecting to if you are using a Laptop in and out of the Office.

Remove Legacy Client from your Computer

  1. Click Start Menu
  2. Type "Add" on your keyboard
  3. Click on "Add or Remove Programs"
  4. Wait for the Apps & Features page to appear
  5. Type "VPN" into the filter
  6. Click on Sophos VPN
  7. Click on Uninstall twice
  8. Remove the old configuration file by opening Windows File Explorer and going to this location as shown below.C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\config

Download and Install New Client

  1. Login to your VPN Portal (Your username and password will be the same as your office pc)
  2. Download Sophos Connect and configuration file
  3. To install Sophos Connect on Windows, do as follows:
    1. Open the installer.
    2. Accept the license agreement and click Install.
    3. Once the installation is complete, click Finish.
  4. Import an SSL connection from the user portal
    1. Click Import connection on the Connections page.
      If there are existing connections, click the menu button and choose Import connection from the drop-down menu.
    2. Browse for the .ovpn file and open it.
  5. Follow these instructions to establish a connection.
    Make sure there's at least one imported connection available
    To establish a connection do as follows:
    1. Select a connection on the Connections page.
    2. Double-click the connection.
      You can also click Connect.
    3. Enter your username and password and click Sign in.
      • If your firewall administrator has configured One Time Password (OTP), in addition to entering your username and password, you must enter your six-digit OTP passcode. You'll see a third input box (under username and password) where you enter the OTP passcode.
      • If your firewall administrator has configured mixed mode two-factor authentication (2FA), you'll see a third input box (under username and password). You must enter one of the following words: pushphonesms, or enter a DUO token.
      Sophos Connect attempts to establish the connection and authenticate you.
    4. If you're facing connection issues, do as follows:
      • To investigate the cause, click the Events tab or click the menu icon and select Open VPN log.
      • You can also contact your IT administrator or firewall administrator for further assistance.
      The image below shows you where to find the Events tab and Open VPN log.

    The connection to the remote server is established. The image below shows a successful connection:
    Image showing an example of a successful connection
    If the connection is successful, you'll see this icon on the taskbar:
    If the connection is unsuccessful, you'll see this icon on the taskbar:

Advanced Setting for Domain users with local firewall active

  1. Advanced Settings if Firewall Block full connectivity
    For some installations if you are a heavy user of network connections and you firewall status is normall "off" for domain connection and on for Public and Private connections you will need to perform these additional steps.
    1. Launch the Windows Network Adapter settings with this sequence of commands
      1. Press Win+R.
      2. type "ncpa.cpl" without the quotes
      3. Press Enter -or- Click OK
    2. In the new window, double-click on the the Sophos TAP Driver and then click the 'Properties' button.
    3. Select 'IP version 4 (TCP/IPv4)' and click 'Properties'
    4. Click on the Adavance.... button
    5. Select the DNS Tab by clicking on it
    6. Enter your active directory DNS domain name into the "DNS suffix for this connection:" box.
      Your network admin can supply the suffix if you weren't provided it and don't know it
    7. Click OK Twice, Click Close Twice and then close the network connections window

How did we do?