AD Authentication Server Configuration Problem

Question

hello everyone 
 here iam still trying to configure all rules i need to apply on my work environment 
 i have read that i can setup my AD as authentication server to let users access the internet 
 but i couldn't make it work and i hoped to figure out the problem with you guys 
 so this is my configuration 
 Network IP : 10.10.10.0/24 
 Sophos GW : 10.10.10.1 
 DC : 10.10.10.2 
 my first step was add DC to Authentication Servers

then i configured the authentication method as the following 
 
 then i imported all of the OUs to Sophos 
 
 then i have created a firewall rule to allow access for example to HR OU users 
 
 finally i have logged in with a user from HR OU and another testing OU 
 and i have signed in Captive portal with there AD usernames too 
 
 but the problem is when i signed in with the HR username i couldn't access the internet 
 so what i have missed ? 
 thanx in advance for any help :)

Karlos · Accepted Answer

Sounds like DNS 
 What are you using as your DNS? If it's the XG, what is configured under Configure > Network > DNS? 
 If you are using DHCP on the XG, review your DNS settings under Configure > Network > DHCP > Select Server > DNS Server