Learn about the Benefits of Multi-Factor Authentication (MFA) . Turn your MFA on now!
Information: Three minute survey on Exploring more ways to contact Sophos Technical Supportt. If you can spare the time, we would love your feedback!
We'd love to hear about it! Click here to go to the product suggestion community
When UTM change master device, all our web navigation are block with error "the site is deny by administrator".
I have found two solution :
1- Redo the ad integration but the issue occur at the next switch 2- come back to the primary node
I think there is a bug where the ad integration isn't fully synchronized between master and slave node
Does someone experiencing the same ?
Do you think this https://community.sophos.com/kb/en-us/126823 is the solution to my issue. I haven't try it at now
When having unexplained issues with SSO, it's always a good idea to unjoin (attempt to join with incorrect credentials) and then to rejoin the UTM to the domain.
Another issue can be using NTLM instead of Kerberos as NTLM is less reliable with the UTM. Configuring Proxy Settings explicitly with an FQDN causes the Proxy to use Kerberos to authenticate against AD. Using a numeric IP or selecting 'Automatically detect settings' in the GPO results in the Proxy using NTLM.
Did either of those work for you?
Cheers - Bob