Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

SOPHOS STAS inactivity Timer issue

hi,
i have XGS2100 (SFOS 20.0.2 MR-2-Build378).very wired issue is being faced. i am using STAS for user authentication. user rule is down in the rules. on top of all i have created rule in which i added mac address of few users. this rule is not working. when a user came whose mac in not entered in rule then it passes through any user rule. in log viewer it shows mac address and email address of any domain user. while this mac is not part of any domain PC. this is not normal. from user rule that user shoudl pass who was called in that rule.
i also created new mac address rule but it is not working. i noticed that when any user came whose mac is not in allowed rule it take ip from dhcp , that ip was previously used by some authenticated user then this user is considered as authenticated user and goes through user rule.
as a work around i enabled Enable user inactivity under STAS, configured inactivity timer 120 Min. and Data transfer Threshold 100 Bytes. but with this setting the user whose mac in not entered is not allowed to go to internet while the user who are authenticated start being logged off either they are idle or not for 120 Min.
please advise..



Added TAGs
[edited by: Raphael Alganes at 2:48 PM (GMT -7) on 2 Oct 2024]
Parents Reply
  • hi Mayur,

    i have not enabled captive portal for unauthenticated users as user who are domain joined and have their cell phones when they try to conenct and have password then tehy will be authenticated and go to internet. i dont want that any user in my lan who has their own laptop/cell will be authenticated with captive portal.

    in my enviormnenet guest comes , i need that i will take mac of that guest and mac an entry in my firewall and then that guest will go to internet.

    please guide.

Children