Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

  • XG Firewall Keeps Credentials from RDP session

    Yesterday we upgraded to the latest greatest firmware XG450 (SFOS 17.0.8 MR-8) . Now, when we use Remote Desktop to log in to a server, Sophos Firewall is remembering that user ID and using it for all our web browsing. For example, I am logged into my…
  • Routing IPSec VPN Azure

    Folgendes Problem: Seit ca 2 Wochen kann meine SG 135 meine VMs in Azure nicht mehr erreichen, das hat zurfolge, dass die Authentifizierung über adirectory nicht mehr funktioniert. Aus den zwei lokalen Netzen sind die VMs jedoch problemlos ereichbar…
  • XG allows all AD users to log in and download VPN client

    This is my first XG install. I've pointed the XG at a Server2012 domain controller. An AD group exists called VPN. I went through the import group wizard, found that VPN group, and imported it. Now, any AD user can log into the XP portal and download…
  • Certificate Error: The security certificate was issued by a Company you chose not to trust

    I recently installed Sophos XG 125/ w125 on our network. After installation I have been receiving the “Certificated is not valid” error when trying to open the outlook application. I am using Exchange 2010 and previously when I was using TMG I did not…
  • Multiple AD groups for web filtering

    Hello community, I was deploying a XG Firewall in an environment and I was asked about using multiple AD groups for web filtering in the web policies/firewall rules. I saw in some threads and also in this KB that XG maps the user in a top-down approach…
  • STAS Remote Office not working: users not detected

    Hello i have this problem with the STAS system. I have 2 XGs, one XG210 (v17 MR5) at the main office site and a XG125 (v17 MR6) at the branch office site. STA AGENT has been configured on the DC01 to scan my local and remote subnet via EVENTLOG. STA…
  • Access Denied by Active Directory sever

    Hi. When user have access to all computers then authentication is ok. But when change access to selected workstation and also added a name that appeared in AD from Sophos XG user does not authenticate and have message: "Access to this computer denied…
  • Fehler bei Authentifizierung von Benutzern mit Umlauten im Kennwort

    Hallo Zusammen, zunächst ein paar Informationen zur Systemumgebung: Sophos SG 310 UTM 9.506-2 Active Directory Domäne auf Windows Server 2008 R2 Laut den Release Notes zur UTM 9.501.5 ( https://community.sophos.com/products/unified-threat…
  • SSL VPN Suddenly Stopped Working

    Good Evening, I recently joined a team and started up our own MSP. One of the clients we took over is using a Sophos XG210 (SFOS 17.0.3 MR-3). I am not real familiar with Sophos, though this same unit died and was RMA'd largely in part due to someone…
  • Sophos STAS Configuration

    Hi Guys, New to the forum. we have a XG in our office. and two domain controllers. We trying to get SSO to work. i have configured STAS using the document here: https://community.sophos.com/kb/en-us/123154 My understanding is that there are two…
  • AD integration with xg firewall

    Dear all, I have installed stas and integrated AD with xg310. Then i did import all the users from AD into Xg-310. And created a firewall rule to access internet from lan to wan and enabled "match known users" & "Captive portal to unknown users…
  • User authenticate through web client instead of STAS

    Hi All, I'm having a problem here that part of the AD user are login through web client instead of STAS. On the XG we have configured the STAS and it is working fine until yesterday we upgraded the box firmware to SFOS 17.0.3 MR-3 Initially all…
  • AD group membership problem issue on the Sophos XG Firewall

    Hello, I have installed the Sophos XG Firewall with firmware version SFOS 17.0.2 MR-2 in virtual appliance (VMware vSphere ESXi). I have activated company full subscribtion successfully. I also have setting up some firewall and web protection as needed…
  • XG210 log out user for no reason

    Dear All, We just deploy XG into our environment and noticed that user keep on losing internet connection and after 10 seconds, connection resume. Further checking into the log viewer, it seems that the user was being logged out while they are online…
  • Cannot connect to domain over IPSEC lan to lan

    Hello, We have 2 sites with both a Sophos XG configered with site-to-site ipsec VPN using the Defaultbranch and Default head office policy. On both sides we also have 2 firewall rules VPN to LAN and LAN to VPN with any, and I have also setup on…
  • STAS on two domain

    My Client have two domain(A and B)and trust relation have been established between them. Both Domain have same subnet and both are connected with Sophos XG. All work fine, now I want to configure user base rules for both domains in a XG firewall.…
  • Active Directory Benutzer nicht importierbar

    Hallo zusammen, komischerweise kriege ich einige Benutzer nicht mehr aus dem Active Directory importiert. Weiß jemand woran das liegen könnte?
  • AD Authentication Server Configuration Problem

    hello everyone here iam still trying to configure all rules i need to apply on my work environment i have read that i can setup my AD as authentication server to let users access the internet but i couldn't make it work and i hoped to figure out…
  • Multiple account authenticated in AD with clientless SSO

    Good day all, We are having issues on the clientless SSO that there's multiple account hoping around the end user. Below are the scenario 1) Multiple account sign-in I have login with my AD account and it can be seen authenticated on the AD and…
  • SSO STAS on mulitple VLAN's and Subnets

    We have tried to set up SSO in our company and we faced issues while changing from one subnet to another. Since we were under premium support, we raised a ticket but still couldn't solve. Is there a solution to it??
  • Integrate Sophos XG 230 with Active Directory And Setting Up The Authentication Server

    Greetings, Trust you are doing well, I am working on XG integration with AD user groups and OUs. I was able to setup STAS and configure it. But now, before make it running, I want to understand one thing. The user will be authenticated when he/she…
  • Active Directory w/ subdomains: authentication fails for users of subdomain

    Hi all, we have XG-310 (FW: HW-SFOS_16.05.6_MR-6.SF300-266) with some REDs setup as a trial. This works as intended but we have some trouble with the AD connection. We have a root-domain and a subdomain for each subsidiary. We have a global security…
  • UTM 9.5 Home, Hostname mit DynDNS und SSO über AD

    Hallo Leute, bin relativ neu in der Sophos-Welt und habe seit einer Woche UTM 9.5 auf Hardware als meine private Firewall im Einsatz. Hab der FW den Namen "ad.domäne.de" gegeben und beim Provider ne Subdomäne mit dem gleichen Namen eingerichtet. Diese…
  • SSL VPN AD Auth ERROR

    Hi. I have a couple of users that use SSL VPN and do auth by Active Directory, but only 1 user alway get AUTH_FAILED even username and password is correct. This is my personal user. I can login to user portal and Admin, but alway get AUTH_FAILED. …
  • We want to be able to easily identify students by their ID when web surfing. Can we use AD to use their login ids?

    Hi From what i can see the AD integration only allows people to login to the SOHPOS server. We need to have an accurate way of viewing a students travels around the web. We are currently using RADIUS logs to reconcile IP addresses against user ids as…