AD Authentication configured but users not allowed to login

Question

Hi to all Sophos Community, 
 I was wondering if you had any idea on this problem. 
 First time using Sophos firewalls, mostly working on them via Sophos Central Web Admin. 
 So I enabled IPSec VPNs, it does work with local created users. 
 Company asked me to use Active Directory Authentication, I configured the AD server, test connection worked, imported users and groups, made AD first authentication method, checked queries. 
 
 Am I missing something here? I used Sophos guide and youtube videos, can't pass through this stage. 
 Thank you for your attention

Enrico Zhan · Accepted Answer

Thank you all, I submitted a support ticket and got called by Sophos, turns out I needed first to login in firewall portal with AD credentials, only then I could use Sophos Connect to establish the vpn to my company.

Jens Finck · Answer

Hello Enrico, 
 After looking at your screenshot, i would first check if the Active Directory User or Group is allowed in the IPSec Client VPN Configuration. If the firewall cant Authenticate the user throu the Auth Server there will be the Error Message "wrong username/password". 
 You are getting "not allowed". The Firewall can authenticate the User but the Service is denied.

AD Authentication configured but users not allowed to login

Top Replies

Control Center