Hi, what are the order of preference that XG uses to authenticate a client?
I have a specific case in one of our customers that has many UPN suffixes on its Active Directory domain (Office 365) and also, we are using Sophos Central Endpoint so, we were having a situation where the client was unable to authenticate using Heartbeat because of the user's UPN.
So we have disabled the authentication through Heartbeat method following this KB community.sophos.com/.../133190 and started using only STAS, but the problem is, we can not rely on STAS's logoff detection, or inactivity timeout, we want to assure that if a user reboot its computer the firewall will automatically log out that user, and with our experiments, only Heartbeat do it well.
So if we add one authentication server for each UPN to solve the problem with Heartbeat, and configure STAS, wich mechanism will be used first?
Sorry for the long question.
Thanks
This thread was automatically locked due to age.