Under Review

Improve documentation "Configure per-connection AD SSO authentication for multi-user hosts"

The information on the page seems contradicting:

eg. 

https://docs.sophos.com/nsg/sophos-firewall/19.0/Help/en-us/webhelp/onlinehelp/AdministratorHelp/Authentication/HowToArticles/AuthenticationConfigurePerConnectionAuth/index.html#create-firewall-rules-for-multi-user-host-traffic

Jaspert

  • Hi Jaspert,


    Thanks for your feedback.


    If “Match known users” is enabled for a multi-user host, then the firewall will process all traffic from that host based on the logged-in user (usually an admin) and won’t process any additional rules for that host. In order for per-connection authentication to work, the rule with per-connection authentication must be processed first. This is why it needs to be at the top.


    We'll update the documentation to make this clearer.

    Best Regards,

Unfiltered HTML