Sophos Central Endpoint and SEC: Computers fail/hang on boot after the Microsoft Windows April 9, 2019 update. Please follow knowledge base article 133945
Learn about the Benefits of Multi-Factor Authentication (MFA). Turn your MFA on now!
We'd love to hear about it! Click here to go to the product suggestion community
I am new to Sophos XG firewal and i have just configured to my network. I have a problem with STAS operations where by i am not able to see the Live users from Firewall but from Domain Controller STAS service is running and showing the Live Users.
Secondly i have added my domain controller in XG firewall as authentication server and do the successful test between the DC and firewall. But when i try to check on users list from the firwall, none of the AD users are shown only local users. I wanted to firewall to take AD users for authentication.
Please assist with proper guideline on how to setup or troubleshoot such problems.
Go to Authentication > Services
Authentication server list select your server and apply.
In reply to Sunil Markam:
From > Firewall authentication methods section
I have already done that and my DC is selected as authentication server. But still nothing is happening.
In reply to Chimwemwe Mtonga:
follow the steps as screen-shot and logoff and login the system.
Hello, Can you configure CTAS or STAS on your AD, without this that will not happen. follow the kb https://community.sophos.com/kb/en-us/123156
Thanks it has worked perfectly i am able to see the AD users now.
But i have another problem now blocking sites for specific users. What is happening is blocking is taking all users on my network yet i have specified the OUs or Users to be blocked.
One thing i have noted that when i exclude unknown users the blocking is not working. But once i include unknown users on list blocking is happening to all users.
How can is remove the users from unknown list.
Can you please share some Screenshots.
Step1: Create web policy With all categories blocked,
Now Create a firewall rule : as mentioned below screen shot.
Note: add ur own user in Identity section "user and groups", then open ur browser and try www.google.com.
if it will not opening then, go to diagnostics > Policy tester that tester will let you know where you are stuck. open that category as mentioned in 1st screen-shot.