Share via

Sophos Connect VPN client software cannot import a connection configuration profile when using a Microsoft account provisioned Windows user account

Anonymous
2024-06-03T13:52:27+00:00

I have found that at least 2 of the users within my organization cannot use the Sophos Connect VPN client software when signed into a Windows user account that was created/provisioned with a Microsoft Account (i.e. ___@___.___, or ___@___.___). The Sophos Connect VPN client shows a red exclamation mark on its icon and after opening the graphic user interface, it communicates "service unavailable". This prevents one from importing a connection configuration file and proceeding to establish a VPN connection.

This issue does not occur on local or domain-joined Windows user accounts. This issue currently only affects Windows user accounts that were created with a Microsoft account.

I spent several weeks working with Sophos support to determine what the root cause would be. The support investigation ended when the Sophos support team was able to successfully get the Sophos Connect VPN client software to run on a Windows virtual machine in their sandbox environment. This is great for them, but does not help us users who still cannot use the client software to connect from home, using our Microsoft account provisioned Windows user account.

Has anyone else been able to figure out a work around to this?

@Microsoft, has your team been working with Sophos on this issue? Has Sophos reported this issue to you?

* Changed to a question

***moved from Windows / Windows 11 / Internet and connectivity***

Windows Windows Client for IT Pros Networking Software-defined networking

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question. To protect privacy, user profiles for migrated questions are anonymized.

0 comments
Accepted answer
  1. Anonymous
    2024-06-05T12:50:15+00:00

    Thank you for your response. (For users who are looking for the solution, skip to the bottom of my reply)

    Below are things that I have done during my support case with Sophos directly.

    1. I ensured that the Sophos Connect VPN client software is up to date
    2. I ran the software as an administrator
    3. I created a local Windows user account, which works, but that is not the point
    4. I ensured all 3 dependent services are running: OpenVPN Service, Sophos Connect Service, strongSwan IPsec Service
    5. I restarted all 3 of the dependent services, which were previously running
    6. I uninstalled and reinstalled the Sophos Connect VPN client software, deleted all program files and app data, and removed the registry entries
    7. I, temporarily, uninstalled and disabled cybersecurity software
    8. I performed a Windows os reinstall, this is not the "Reset PC" it was the "Reinstall Now" option under System -> Recovery
    9. The issue was not unique to 1 device or 1 user. It was experienced on at least 2 different users and 3 different devices running Windows 11 (Home and Pro)
    10. I ensured the tap driver was installed
    11. I ensured the tap driver registry key was present
    12. I ensured there is no firewall rule that would block the Sophos Connect software
    13. I ensured there are not group policies that would limit the Sophos Connect software

    This issue pertains to the Sophos GUI not being able to get the connection state. There is an event handler that throws the "Service Unavailable" message when the connection state indicates no service. For those who are curious, you can look through the .js files of the program you can find the event handler to which I'm referring.

    As mentioned in my first post, Sophos support was able to very recently (~28-May-2024) able to get the Sophos Connect VPN client software to install on a virtual machine with Windows OS installed. So, I was very perplexed and decided to create this post after Sophos support requested I bring this issue to Microsoft support for a solution.

    Last night I experienced an issue where the Microsoft Store could not access the internet, regardless of how much I reset it. Therefore, I tried performing a complete "Reset PC" where it deletes all apps and data along with reinstalling Windows. I selected a cloud install so the latest version of Windows would be used for the PC reset. After the PC reset and initialization was complete the Microsoft Store worked again. Then, I thought to try installing the Sophos Connect VPN client software to see if the result is any different. And, sure enough, the Sophos Connect VPN client software installed and ran correctly, able to import a VPN connection config file normally. I even restarted the computer just to make sure the solution was stable, and it is.

    SOLUTION:

    For users experiencing this issue, try performing a complete "Reset PC" routine where all apps and data are deleted. Also, ensure the cloud installation is selected so the most current version of Windows is installed.

    Probable Root Cause:

    I suspect the probable root cause is a past Windows 11 update/version that either accidentally blocked/broke access to the Sophos connect dependent services or an artifact was left behind by one of these updates/versions that accidentally blocked/broke access to the Sophos connect dependent services. However, I don't have an official root cause from Sophos or Microsoft at this point, so it is just a good guess based on the solution that worked.

    Thank you for your support. Please continue to improve communication with your technology partners so these kinds of issues can be resolved quicker and with more precise (less broad) solutions. Our business was negatively impacted by this issue and considerable time was lost trying to figure out a solution.

    1 person found this answer helpful.
    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2024-06-04T15:17:55+00:00

    Hello,

    Thank you for reaching out to us. I understand that you are experiencing issues with the Sophos Connect VPN client software when using a Microsoft account provisioned Windows user account.

    As a Microsoft customer support agent, I can confirm that we have not received any reports from Sophos regarding this issue. However, I suggest that you try the following steps to see if it resolves the issue:

    1. Ensure that the Sophos Connect VPN client software is up to date.
    2. Try running the software as an administrator.
    3. Try creating a new local user account and see if the issue persists.

    If the issue still persists, I recommend that you contact Sophos support again and provide them with the steps you have taken so far. They may be able to provide further assistance or escalate the issue to their development team.

    I hope this helps. Let me know if you have any further questions or concerns.

    Best regards

    Zunhui

    0 comments