Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 1 reply
  • Answers 1 answer
  • Subscribers 39 subscribers
  • Views 1636 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Do I need STAS?

Csaba Németh

Hi there,

There is a company (Company1) with 3 sites and an another company (Company2) with 1 site.

Company1-1 has 2 AD DCs
Company1-2 has 1 AD DC
Comapny1-3 has no DC.
Company2 has 1 AD DC.

There is an AD trust between Company1 and Company2.

If there is no Internet at Company1-2 on ISP1, it can reach the Internet and Company2 via Company1-1 (leased line).

All sites connected to each other via VPN.
All sites have Sophos XGS.

How should I configure the firewalls and DCs to achieve a bulletproof AD auth for browsing?
I mean if Company1-2's DC is down, clients should authenticate on Company1-1 DCs.
I would like to authenticate also Company2's clients when they are in Company1.

Do I need STAS in this scenario?



This thread was automatically locked due to age.
Unfiltered HTML