Cannot Authenticate with LDAP over SSL

Works fine in our dev environment without SSL, but not with it. This is a requirement for our production environment.

 

I can use LdapExplorer to login via SSL (port 636) fine, but I do get prompted to accept the certificate. Is it possible to import the certificate into iview v3?

 

Our Test Settings Are:

Port: 636

Version: 3

BaseDN: dc=company,dc=local

Administrator: tried both (cn=Administrator) and (cn="Administrator") aswell as the full dn version (cn=Administrators,dc=company,dc=local) ref here https://community.sophos.com/products/xg-firewall/f/sophos-iview-reporting/11022/authentication-server-ldap-ad-settings

Authentication Attribute: cn

Parents Reply
  • Does this sound like an SSL certificate issue though? I have never been able to get iView to correctly connect to a server only accepting ssl encryption. I have no problem connecting to an AD server that allows both, but if I try to connect to one allowing only SSL this does not appear to work. I should point out it does work on our test XG virtual appliance.

     

    Seems abit weird that I cannot allow a group of users access in the iView when I can do the exact same in XG because I cannot add the server and test the connection successfully.

Children
  • Hi Corey , 

    XG is different that Iview. The option to import certificate is important for user authentication and authorization to access the VPN, Website and access internet/ resources of your network. Whereas Iview is a reporting tool to store the logs sent by SFOS or Cyberoam devices and is used as a backup and extended storage. But at this point, this feature was not as important as it was in any firewall device. 

    Hence, a feature request is posted to encourage anyone who is interested in such feature are welcome to add a vote.

    Regards,

    Aditya Patel
    Global Escalation Support Engineer | Sophos Technical Support

    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.