I have to create a user with username equal to mailadrres ( name@domin.com ) Purpose is to use this user to authenticate with a login form with passthrough in a WAF rule. When i try to authenticate nothing happens, when i authenticate with a username…

HOla! tengo un problema y a ver si alguien le ha pasado lo mismo y como puedo solucionarlo. Tengo un DC con DNS "pepito.local" donde tengo un servidor Web publicado al exterior por el dns https://CRM.pepito.com . En la zona LOCAL tengo creada…

I have configured a captive portal for users authentication, for some purposes i have to bind each user with a specific MAC address, can any one help me Best regards

So I have an XG firewall that is Authenticated with our 2 local AD Servers and was looking for some assistance with the below. 1. I did a migration to 2 new 2019 DCs last year and even though we kept the IPs the same, the names changed. Now for some…

Hi, there is already discussion from 4 years ago (+) Import Group Wizard hangs at "Select AD groups to import" - Discussions - Sophos Firewall - Sophos Community that got solved. I have this exact problem also today on an XG 230 Appliance that…

I understand that using Kerberos is the new recommendation from Sophos to replace STAS so that nothing needs to be installed/configured on the DC's themselves. I've followed this document: https://docs.sophos.com/nsg/sophos-firewall/18.5/Help/en-us…

Hello Community, I configured some Terminalservers with Intercept X and SATC (Sophos Authentication for Thin client) and User Accounts are recognized and can be used in XGS3300 Firewall rules. So far so good! Now I wish to exclude some User Accounts…

Hello, maybe are some way to setup MFA auth with Azure AD MFA with push notifications? I mean when connect to Sophos XGs (User portal, Admin portal, VPN) in your phone pop-up window in you MS Authenticator app in the phone and you need only to allow…

Hello. My client wants to tweak the behavior of his organization's captive portal. Currently, some devices after gaining access to the Wi-Fi aren't being redirected to the captive portal page. I performed a reboot of the firewall and all users were…

I cannot find the Sophos Authenticator app in the Android Play Store. It was there a couple months ago. Where can I find this app to install it on a cell phone?

Hi all We are having trouble with a test instance of XG 18.5.5 in which we can not get it to join our domain. We are running some 18.5.1 devices which did not have any issues with joining a domain but 18.5.5 just does not play ball. We get the…

How do I generate a new QR Code for the default admin account? New phone so had to reload authenticator and lost existing devices. I have access to the web interface using another admini account but cannot seem to locate a way to generate a new QR code…

Hi, i have a question. I have a Sophos Firewall at home. I have rules and Web Policys for special users, so i had installed the Sophos Network Agent on my smartphone. This is some time ago. Now i have a new rule. I need on other Android devices…

I am trying to change all users' session setting to only 2 can i perform this process all at once or do it individually?

sophos XG retaining authentication details on an existing ip address.log on to captive portal If i log in for the first time and after i get back into the office for the second day and i am giving an IP address it uses the existing authentication details…

HI, I'm trying to get the Sophos XG appliances (SFOS 19.5) talking over Kerberos instead of NTLM. I can't see that the appliance has domain joined - no computer object. There are no SPN records created The appliances FQDN are different…

Hello, we use a XGS116w in one of our branch offices running on firmware: 19.0.1 with SD-WAN. We deployed a firewall rule through Sophos Central for Web Surfing (LAN-Zone to WAN-Zone) with different Web Policies. All is working fine. Now we…

I currently can identify users & machines in IPv4 with a mix of STAS (Windows AD) and 'Clientless users' (matching IPs with DHCP reservations). Now, in a dual stack, IPv6 addressing is done via Router Advertisement from the XG appliance. In this configuration…

I have 2 DC in my domain, and I installed STAS Suite (Agent and Collector) in one of the DC. The issue is STA Collector not showing Sophos Firewall IP address on Sophos Appliance, It appears some often and disappear when I restart the STAS. I tried all…

Hi l have a XG 310 RUNNING V18.54. We have a captive portal issue .. when users try to access the captive portal link with the IP address , its showing the attached error

Hello, what option does a User who is completly working from remote, to change his AD/Windows Password? (the credentials should be write back to the machine, so all Apps like outlook and next login has the new password.) Or do Admins now days set…

Hey, Yesterday I asked here why I couldn't delete a user : (+) Can't delete user in FW XG - Discussions - Sophos Firewall - Sophos Community I'm here again for the same problem (deleting a user) but it's not the same scenario: for exemple :…

I got this error when trying to delete a user : Couldn't delete user. A firewall rule, VPN connection, web policy rule, or SSL/TLS inspection rule exists for this user. When looking at applog.log and csc.log I got : Jan 17 13:10:22Z apiInterface…

I have xgs116 appliance and microsoft365 licenses. I would llike to config sslvpn ; with micrososft 365 license authentication to access on premise network. Please help to config

Hi all. I'm currently facing a problem on an XGS2100 where AD authentication & SSO through Web auth are enabled and working. Just for a few minutes... Next step on every single client (Windows, Android but not iOS) is lose of connectivity and need…