Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • Is it possible to pull the group information from the LDAP server?

    Hello, My XG firewall is integrated with LDAP and I can login with the account from LDAP server. I can see all users account when they are logged in ('user' tab). but I cannot see their group information that I assigned in LDAP server. Is there…
  • AD Authentication not working

    Hello, the AD authentication for the user portal and all other services is not working. I configured it according to this guide: https://docs.sophos.com/nsg/sophos-firewall/17.5/Help/de-de/webhelp/onlinehelp/nsg/sfos/learningContents/ConfiguringActiveDirectoryAuthentication…
  • How to integrate authentication with Active Directory

    Hello World, Is it possible to configure Sophos XG to authenticate users for internet access once they sign in to their workstations? If not is it possible to force the browser to re-direct the user to the network authentication portal? Also, if…
  • Prevent AD user creation if not member of imported group

    Hi We have setup AD authentication on our XG and imported a "VPN Users" AD group on to our XG. The VPN Users group is assigned to the SSLVPN. If a user authenticates via the SSLVPN 2.1 client, a user is created in the "VPN Users" group on the firewall…
  • Sophos xg not creating a domain computer account when adding active directory authentication server. Kerberos sso not working.

    I have added Active Directory Domain controller to the servers list under authentication, imported groups, have users from AD, however, kerberos/ntlm doesnt work. I have made sure that SSO is enabled for the LAN interface and that the browser is using…
  • DUO Authentication Help

    https://community.sophos.com/sophos-xg-firewall/f/recommended-reads/124501/3-ways-to-setup-xg-18-with-duo-2fa Using this information, I followed the setup for DUO authentication for XG AD Server, DUO LDAP client and server, and it works. But, it seems…
  • Captive Portal not pop up Automatic

    Hi, Captive portal login page not pop up automatically when any user try to connect network through wifi on any device like mobile,laptop.user need to type the sophos firewal ip address to get the login page
  • Captive Portal -- DHCP issue

    Hello, Setup: -Sophos XGS2300 -Windows Server running DHCP We have an issue with client authentication: The client device receives an IP through our Windows Server (DHCP). The client device then authenticates through the Sophos XG captive portal…
  • Giving appliance access to a group imported from AD

    In the last couple days I've been trying to give admin access to some users to manage Sophos firewalls via WAN accross multiple sites. However, I have to manually set the user type as "Administrator". Manually setting 10 users or more accross more than…
  • Captive portal isnt working on Internet Edge and Google Chrome

    Good morning I am writing to you because I have some issues with the sophos captive portal, the configuration is correct, however, in an implementation in which we have implemented the captive portal, we are presenting certain complications to deploy…
  • Cannot establish NTLM authentication channel with <Domain> + SFOS 17.5.MR15+Cyberoam

    We got an error "Cannot establish NTLM authentication channel with <Domain>" in the Cyberoam 300ing, where CTAS and NTLM authentication both are working , NTLM was enabled because many of the domain user are not getting the services of web proxy , Support…
  • Specify Multiple UPN Suffixes within an LDAP server

    Hello, We need to implement AD Authentication into a client's environment, the AD Auth will be used for the Sophos Connect VPN client. Unfortunately, the client has 3 different UPN Suffixes (as they utilise 3 different email domains). Please advise…
  • Manual configure SF-OS to use AD Server Authenticacion

    Hi, i new with XG Firewall and want configure the autentication integration with Active Directory service. I add correctly my AD but dont find the manual for Configure SF-OS to use AD Server Authenticacion, the link is broken and i want configure with…
  • User is automatically logged out form captive portal

    I am using XG115 (SFOS 18.5.2 MR-2-Build380). User is automatically logged out form captive portal. If I set Inactivity time longer then still facing the same issue.
  • Sophos XG Active Directory

    Hey all. I have setup Active Directory integration and everything seems to be working fine from that aspect. Users are able to login to the user portal using their active directory credentials but when they try VPN the credentials do not work. When…
  • Use SSO to sing into Sophos connect IPSEC VPN

    Hi Everyone I have had a look at documents and searched a few forums but I cant find an option to use SSO for the Sophos Connect VPN client. Is it possible?
  • Cannot establish NTLM authentication channel with XXX

    Hello everyone, since we migrated to the Sophos XGS, we receiving a lot of error messages, but everything works fine so far: Cannot establish NTLM authentication channel with... I´ve read all the documentations about NTLM (LDAPS) and checked everything…
  • XGS116 integration with Azure AD

    I need to be able to integrate the XGS116 with Azure AD for web browsing so that active users/connections shows the correct username as opposed to N/A I've currently set it to "Clientless" and added an IP address range so that browsing is attributed…
  • AD Username change

    Good morning, I'm relatively new when it comes to XG firewalls and have a simple question. We currently have AD setup to sync to our firewall for IPSEC VPN authentication. Recently, a user had their name changed, to which we updated in active…
  • Enable local authentication.

    Hello, I need to enable user authentication in the firewall rules, the environment does not have Active Directory, so I will create local users and groups, in XGS itself. I even ran a test with a rule, but the computers stopped accessing the internet…
  • Administration

    Problem with authentication, When Admin logins, the admin privileges are taking for subsequent logins too. But when limited user logs in, that privilege applying for admin. so, what can I do solve it.
  • NTLM sophos xg (SFOS 18.5.1 MR-1-Build326)

    i can't find NTLM in device access after update to disable it. i appear with port 8091 instead of capitive portal , any solution?
  • Sophos XG Firewall: SSL VPN - Login failed. Wrong fingerprint of certificate.

    Hi there, In an XG 115 with the software 18.5.1 MR-1-Build326 I entered several users under Authentication / User, only the entry that was entered with an older firmware is still able to log in via SSL. All users who are now entered are rejected with…
  • Sophos XG 18.5 MR1 - AD Authentication - Long username

    Hey, We have a XG setup with AD authentication, and it seems to be pulling from the username from the "pre windows 2000" field instead of the normal username field. This means we have a customer with a long username (firstname.lastname) where the last…
  • XG firewall disconnecting authenticated Radius SSO users

    We are a school running an XG135. We have AD accounts for all users to sign in with. On wifi users authenticate via a RADIUS server and DHCP. Our staff have reserved DHCP IP's. Depending on their role we have used those reserved IP's as IP Hosts in…