Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 12 replies
  • Answers 1 answer
  • Subscribers 5 subscribers
  • Views 7688 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Filtering - Device OS not recognized / device-specific authentication not working

Marc Schröder

Hello community,

i have a problem with my apple ios devices.

 

As standard we use basic authentication fed by ms active directory groups.

So users usually have to type username and password of their ad-accounts.

 

Now we would like to let our apple ios devices online without authentication because the network where they come from is already secure and the devices have certificates and so on.

 

I wanted to use device-specific authentication and added ios devices with no authentication to the global web filtering lower right part.

Nothing happens and the devices still get their pop-ups.

 

As i understand this function the UTM should be aware what kind of devices tries to establish the connection.

So the device under it´s ip should be seen in the logs as device="4" for iOS-Device.

 

While checking the logs i saw, that all devices are regarded to as device="0" (unknown).

 

Am i missing a function anywhere? Why isn´t the UTM not device aware?

 

Maybe you can help...

 

ThanX

 

Marc

 

PS:

 

SG550

9.510-5

 

 

 

     


This thread was automatically locked due to age.
  • 0

    Hi Marc,

    Did you try different web browsers to test if the log entries changes? Alongside, verify the http log lines for multiple machines to make sure, if the issue affects globally or is it related to specific machine/OS. If that doesn't change the behaviour, restart the http proxy from shell command, /var/mdw/scripts/httpproxy restart

    Thanks,

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0 in reply to sachingurung

    Hello Sachin,

    the problem is multi os wide with different browsers and apps. Every proxy using device is "device="0"" (unknown). If we don't miss another part which might be necessary I will do as suggested and reboot the proxy by shell.

    As we run the UTM clustered and five locations with nearly 5000 people are involved I will do this some night in a few days...

    Thanks for the answer for my request :)

    Greetings

    Marc

  • 0

    Hallo Marc and welcome to the UTM Community!

    Please show a picture of the Edit of the Profile for the IOS devices.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0

    I wonder if you may have found a bug.   Have you opened a support case yet?

    I have a small number of cell phones allowed on my network, so I parsed several days of log files to see if I could find them.   So far, I only see entries with device=0.  But I do not yet have a formal test with a specific phone on a known IP browsing a specific website.   I may pursue that in a few days.

    Are you getting a UA string that indicates the phone browser identity was captured?   I have not yet found one, so my results may still be meaningless.

    Running 9.506-2

  • 0 in reply to BAlfson

    Hi Bob,

    thanks for the help!

    Actually it runs through our "basic" default profile.

    As i understood the manual you have the option to configure device-specific auth via
    two methods.

    Web filtering or web filtering profiles.

    There isn´t a specific Profile regarding the ios devices because they originate of the same network.

    What makes me curios is the fact that no device or browser is recognized as device 1,4,3 or whatever.

    The log shows the right vendor and browser for the devices but doesn´t use this information.

    Greetz Marc

  • 0 in reply to DouglasFoster

    Hi Douglas,

    "feels" like a bug :)

    DouglasFoster said:

     

    Are you getting a UA string that indicates the phone browser identity was captured?   I have not yet found one, so my results may still be meaningless.

    Running 9.506-2

     

    Provided a snippet of the log where you can see slightly some windows machines which provide correct os and browser information.

    The i-devices do the same. But they aren´t categorized.

    As i have read the instructions this should be the case all along... :-/

     

    Greez Marc

  • 0 in reply to Marc Schröder

    What version of iOS is this device running? Has it been upgraded to iOS 12 recently?

  • 0 in reply to RichBaldry

    Hello guys,

     

    i have the same issure with the UTM Version 9.506 and IOS 12.1

    How it is with the 9.510 or 9.6?

    Br McWolle

    Sophos Certified Engineer (SCE)
    Sophos Certified Architect (SCA)

  • 0 in reply to McWolle

    Does anyine know how devuce detection works?  I am guessing it parses the useragent text, but support level 1 did not know.

    Also, I established that device data is only captured when device-specific authentication is enabled, but you already have that set.

Unfiltered HTML