Browse By Tags

  • XG one user has poblems accessing websites - onclick protection and XG local login 8091

    We have onclick protection enabled in Email Gatweay so e-mails with urls have a Sophos substitute url. OnClick Sophos checks the url and when found correct the browser is refered to the correct url. This works as intented. HOWEVER there is one user…
  • Configure Terminalserver Access with AD SSO authentication for multi-user hosts

    Hello, i would configure out Terminalserver Access with AD SSO authentication for multi-user hosts. I follow this article: https://docs.sophos.com/nsg/sophos-firewall/19.0/Help/en-us/webhelp/onlinehelp/AdministratorHelp/Authentication/HowToArticles…
  • How to integrate Sophos FW with Azure AD

    We don't have have on-premise AD, need to integrate the firewall with Azure AD.\ We have IPSec tunnel connectivity between FW and AD.
  • Cannot establish NTLM authentication with %NETBIOS%

    Hello, I am struggling with NTLM issues (I am not using STAS and trying to use Kerberos) I think I have setup everything correctly. is there any detailed logs I can look at.
  • Remote STAS in bridge mode

    Remote STAS in bridge mode Hello guys. I'm approving an environment where we have sophos in bridge mode. The following scenario being evaluated. Office: router <-> sophos fw(l2) <-> switches Inside this office we have an AD with STAS, running…
  • Linking Citrix with Sophos XG Firewall

    Dear Community. due to the current not so transparent information I am looking for a supported way to allow users of an RDP session to apply firewall rules based on "Active Directory Groups" basis. This is to prevent that user 1 from group 1 can access…
  • connection lost for 30 seconds randomly

    Hi everyone, a customer where I recently deployed a Sophos XGS 136 is reporting that desktops are losing internet connection for 30 seconds and then returns normally, and that this is not for any specific desktop, but randomly. Is anyone experiencing…
  • Add an Active Directory Server on Sophos XGS

    Hi support, I have a few questions on configure Active Directory authentication on my XGS. I have followed the guide here: Configure Active Directory authentication - Sophos Firewall When I open the VPN portal, I cannot login using my AD user…
  • Feature Request - AD Admin Groups

    I am not sure where else to request a feature, so I am going to request it here. It would be nice to be able to tie an active directory group to an XG Admin rule. This way all the users in that AD group can login to the XG Firewall with admin permissions…
  • XGS Not Reading Attributes from AD

    Hi, I have active directory configured and it works. Users can log in to the user portal, vpn, and wifi. Yay! But, the attributes for the display name and email do not pull over from the AD Server. Example: The user logs in with username The name…
  • SAML support for SSL VPN

    When will Sophos come out with Support for SAML? The majority of the players out there do support SAML2, why is Sophos dragging its feet.
  • STAS WMI Access Denied after Windows Update

    Hello all, We are facing several problems with STAS Logoff detection method - WMI after the lasted Windows updates mid of June. All computers are returned Access Denied when we execute WMI test over STAS. This is causing a big problem with discnnection…
  • traffic not attributed to user using SATC with Sophos Server Protection

    to attribute traffic from remote desktop service host (windows server 2012 r2) to users we created a test implementation of SATC with sophos server protection. current issue: nearly all traffic is not assigned to user (username in log empty). but…
  • Authentication service is not working

    Hi Guys, Since I activated STAS on Sophos Firewall, sometimes for a small period of time, workgroup users that are using the captive portal, cannot login to the captive portal. In fact at this period, not only the captive portal but user portal, web…
  • how to sync AD servers on XGS

    hi all, under "configure > authentication > servers" ive added my domain controller to it but how do you manually "re-sync" it as ive just added another security group on my DC, ive added the group under group in sophos, called it the same name but…
  • Authentication in Direct Proxy Mode

    Hi everyone, can Sophos perform user authentication in direct proxy mode? Captive Portal, SSO, Client Authentication and STAS are not meant. Since we have some applications that should be authenticated directly by Web Proxy. Through "basic user authentication…
  • http websites ERR_CONNECTION_CLOSED when Advanced Threat Protection is turned on

    In case someone has symptons with http websites that get ERR_CONNECTION_CLOSED When we apply Advaced Threat Protection, websites which uses http protocol (internal and external) are often ERR_CONNECTION_CLOSED. These http connections work good for 0-20minutes…
  • [Sophos XGS] User user@domain.local failed to login to Web Admin Console because of wrong credentials

    Hello, I'm posting a question because I'm having trouble setting up an administrator account generated by the AD for firewall access. My customer wants two of the AD users to be able to log into the firewall administration portal. I have tried…
  • Sophos XG 135 - Radius server - Test connection failed due to incorrect credential

    Hi, in our small company we are using Sophos XG 135. I'd like to use RADIUS server for my VPN connections to verify user as AD integration only allows PAP and Radius allows MSCHAP v2. However, for the love of God, I haven't been able to make it work…
  • Azure joined PC Heartbeat sending wrong username ?

    Hello, i am trying to implement SSO for Azure AD users to XG firewall by heartbeat. These are M365 Cloud Only Users . The Username is ex. john.doe@ourdomain.com . Heartbeat tells me that the user is johndoe, without the dot. I guess that this is…
  • Sophos Firewall users not joining my AD associated group

    Currently running a XG430 19.0. I am currently having trouble having my ad users being linked to the right group. I have created some security groups on my AD, I have synced them up with the sophos firewall using query like this (ou=x,dc=x,dc=.…
  • When could the support for Google Authenticator and Authy come for Sophos VPN via 2FA?

    How is it possible that Sophos is still not supporting Google Authenticator, Twilio Authy or any other more wide-scale used 2factor authentication apps? It is claiming to be RFC-compliant and stating that those apps are not? Or what is the problem…
  • Problem with RED WiFi Authentication

    Hello I am using a RED 15w in my home office to connect to the company. When I connect it directly to the Fritz Box I am able to do so and the Authentication against RADIUS is working. WhenI connect through two devolo dlan550 and dlan650 this is…
  • Web Filtering Not Detecting Users

    Hello A few days ago I started a trial of SFOS 18.5 as a Hyper-V VM, specifically to trial the Web Filtering feature. Our users log on to Server 2012R2 Remote Desktop Servers. I've followed the guides on the website to add an AD server along with…
  • AD User Sync in XG

    Hello I am trialling an XGS VM running SFOS v18.5.3 MR3. I have setup AD Sync for users and groups. We will specifically be using AD groups to control web filtering. Must all users first navigate to the user portal before the XG will place them…