Browse By Tags

  • Clientless SSO STAS logoff detection vs dead entry timeout clarification needed

    Please bear with me, I am a 1-man IT band, and am NOT a "Firewall" guy. :-) Background: Simple Network: 2 Active Directory Domain controller Servers (for redundancy) w/ STAS Suite loaded on BOTH controllers. 1 XG Sophos Firewall XG 230 …
  • STAS "Test connection failed"

    Hi there, I'm trying to set up STAS on my domain controller, and having a few issues. The STAS Agent and STAS Collector are working fine, and testing okay, but when I test connectivity to the Sophos device, I get a "Test Connection failed." popup…
  • STAS Live Users shows mostly Administrator username instead of actual logged on users

    Hi all, I have been monitoring the Live Users on the STAS collector for logged in users. Here's my issue: When a user first logs on, his username along with the other relevant details appear, but after a few minutes his username appears as Administrator…
  • Can't authenticate against SSL VPN

    I have 8 different XG firewalls running 15/MR3. I can connect to the ssl vpn on all of them but 2. Those two are different from the others as they are running STAS. On both of those appliances authentication is configured for local, then AD authentication…
  • STAS: What AD role is required, exactly?

    Only Administrators? Or it is a okay that View-only Organization Management? Thanks!
  • STAS Collector Error

    I am trying to add a STAS Collector, but fail with the following error: I was on the phone with Support when it occurred, but they told me that one of the interfaces needs to be on the same network segment as the DC, so I updated an interface to accomodate…
  • STAS problem with user authentication on XG v16

    Hi, I mount a VirtualLab with VM's with XG v16 on my workstation 3 VM's UTM, Windows 7 Pro 64bit and Windows Server 2008 R2 64bit... XG v16 with two interfaces LAN VMnet5 172.16.16.16 WAN VMnet2 (NAT) DHCP Windows 7 Workstatin LAN VMnet5 gets…
  • AD users can't login to user portal.

    I have imported my groups from the AD in my XG environment, but when I try to login I just get login errors. When I look at the logs it seems like XG can't get the information from the AD. At the moment I dont know what the issue might be. The last…
  • Special Characters sAMAccountName - AD Readiness Tool

    Hi All, There's been an issue identified where as if a user has special character in their sAMAccountName, STAS and the XG Firewall will fail the authentication because a user object can't be created because of the special character. I don't consider…
  • STAS not authenticating to XG

    Hello all, First off great product... Problem my SSO is not working with STAS, even with all tests working and XG authentication server added and all ports open "5566,6060,6677" inbound outbound Live user list does populate and shows all AD users…
  • UTM SG450 seems to lose Internet connection with users

    We have the SG450 migrated to XG Firewall software, users began randomly to lose internet connection and have different error messages. Like those I'm attach here. Is it possible to tell me how to solve this big problem, because it is really frustrating…
  • How to run STAS agent under another user account other than administrator on Windows server 2016?

    Is there any howto which describes how to run the STAS agent under another user account other than administrator on Windows server 2016 (technology preview 5)? Especially when using WMI to poll the clients. How to set up permissions in the Windows AD…
  • RE: STAS in bridge mode

    Hi Sachin, you're right. I just disable and re-enable the auth cta in Sophos Console, and everything started up succesfully. To disable, go to sophos console, option 4: system auth cta disable. To re-enable and add a collector: system auth cta…
  • STAS in bridge mode

    Hello everybody, I configured a Sophos XG210 in bridge mode. Right now, I’m trying to configure the Single Sign On using STAS. I’m quite familiar with STAS implementation with over 10 clients configured successfully, but this installation is the first…
  • XG Firewall can't even do Windows integrated authentication?!

    We're trying to switch over to XG from UTM Home 9.4 after encountering an unresolvable problem which requires us to discontinue use of the product. I decided XG Home might be a good alternative... Until it became apparent that it can't seem to do an…
  • Stas started, and connection test success, but no user showing in live users/advance

    stas start = ok connection test to utm, and between agent and collector = ok VMI test = ok but when I go to advance/view live users, it shows blank My server is window 2003 domain. Please help. thanks in advance.
  • STAS start failed, message is "can not start service: STAS, fatal error: the operation completed successfully.

    connection to utm test is ok, but can not get agent talk to collector, and my firewall is disabled. Please help.
  • STAS causing dropped packets?

    We have recently migrated from cyberoam. I had CTAS configured before and then re-deployed STAS. None of my firewall rules use Identity, however for about 2 minutes out of every 30-45 minutes my users have no connection to any other VLAN or LAN on the…
  • STAS Firewall with User on several machines(workstations)

    Hey, I've setuped the STAS on my DCs. User are Reported... works fine. I have a firewall rule to allow "ssh" and "ping" to one special host. (source is "USER A" and "TESTUSER B") The first workstation wich comes online, after the UTM restarts, with…
  • STAS Configuration

    Hi I have the following problem: 2 Domain Controllers 1 Sophos XG on DC1 i have the STAS Suite installed on DC2 i have installed the STAS Agent now whenever i trie to test connectivity between agent <=> collector i get the following message…
  • Why do Domain-Users fall into Open Group?

    Hi! I have STAS running and it works quite well for my "Domain-Admin" user. But now I've created a new AD user who belongs to the group "Domain-Users". Unfortunately, this user always gets mapped to "Open Group" instead of the correct group ("Domain…
  • Windows AD user auto-mapping with STAS

    Hello, I set up the STAS SSO mechanism within a WIndows AD domain. It works, but most users belong to more than one group. I created specific AD groups to manage access through the firewall, sothat it is would be sufficient to change user AD group membership…
  • Cannot delete group because in use by a firewall rule

    I'm not able to delete an imported group because the appliance states that it's referenced by a firewall rule. I checked but couldn't find this. Is there a way to get a 'where used' function? I really don't know where the group is referenced.
  • Sophos Transparent Authentication Suite (STAS) with Windows server 2012

    Hi, I don't know if anyone face a problem wit STAS agent we have the DC it was running on Server 2008 and the STAS agent was installed and working without any problem we upgrade the OS to Win Server 2012 after the upgrading the STAS can successfully…
  • STAS and Samba AD server

    Has there been any consideration for an alternative AD server. Currently I am using a SAMBA 4 AD server for my single point of authentication for Windows, Linux, and OS X. It would be really nice for the SMB sizes that can not afford a Window Server license…