
Maximum limit for authentication server is 20

Hello,


I reach out to all of you as we are in a really bad situation. We are hosting several customers with Active Directories and we just recently started migrating from UTM to XGS. Today we learned there is a maximum of 20 servers you are allowed to add as authentication services. UTM didn't have these restrictions. We reached out to the support and there is no solution for this and there won't ever be a change to this limitation due to the fact it's not how the majority of Sophos customers use the product.


We already tried using Active Directory trust to try out the possibilities but it didn't work out. Is there anyone maybe in the same boat? How did you solve that? Or is there anyone with an idea how to solve that?


Thanks!



Added TAGs
[edited by: Erick Jan at 2:49 PM (GMT -7) on 2 Aug 2024]
  • Hi  ,

    Thank you for reaching out to the community,

    This would be a Feature Request (SFSW-I-2297); I'd recommend you reach out to your Account Manager, Sales Engineer, or Sales Representative so that they can enter this request into our system.  You can also log a support case so that our support representative can help link that FR to the account. 

    Additionally, you can use the in-product feedback in the Sophos Firewall located in the Top Menu Bar.

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 


  • So this limitation only affects customers with "a lot of domains". Talking about 20+ domains. Not many customers are really affected by this limitation due to the nature of "implementation". Meaning: Per firewall site, there are not that many domains available. Most customers with 20+ domains also have a lot of sites, which makes a domain more or less also limited to one site. (For example, a customer bought multiple companies but those companies do not integrate with each other, so they do not really need all the domains on one firewall).

    So to speak: I am wondering, what kind of "hosting" are you doing? Can you give us more details about this? Because due to the Sophos EULA, hosting might not be possible: https://www.sophos.com/en-us/legal/sophos-end-user-terms-of-use

    2.3 Restrictions. Except as specifically permitted in this Agreement, Customer will not (and will not allow an Affiliate, User, or third party to), directly or indirectly: (a) sublicense, resell, rent, lease, distribute, market, commercialize, or otherwise transfer rights to, or usage of, all or any portion of the Product, or provide the Product on a timesharing, service bureau, or other similar basis;

    So you are hosting this service of the UTM to sub-customers? Because nowadays, you could do this by using SFOS in an MSP Term with one firewall per customer.

    Sub-hosting a UTM also has some GDPR concerns, as you mix data between customers. GDPR/DSGVO was not a thing when many UTM partners implemented their solutions, but nowadays it needs to be re-evaluated.

    __________________________________________________________________________________________________________________