Hallo zusammen, durch einen VPN Tunnel hat die Sophos XG Kontakt zum Zentralnetz bzw. den DCs. Die Authentifizierung zu den DCs klappt ohne Probleme. User können sich über STAS authentifizieren usw. Geplant ist eine VPN-Einwahl über Windows 10 mittels…

Hallo zusammen, bei unserer XG125 ist unter Konfiguration -> Authentifizierung -> Server "DC1" -> Dienste -> "SSL-VPN-Authentifizierungsmethoden" der primäre DC als Authentifizierungsserver ausgewählt. Wenn man nun unter Konfiguration -> VPN -> SSL…

Guten Tag zusammen, Seit einiger Zeit ist ja schon bekannt, dass SATC mit Chrome nicht mehr funktioniert und SATC mit etwas ausgetauscht werden soll. Ich habe schon länger nach der Ablösung geschaut und vieles dazu gelesen, aber ich lese dazu immer…

Hello, In Sophos UTM SG there was a user prefetch - I am really missing this feature because I need to send quarantine-mails to every user on our on-prem exchange. Can´t believe that this is not longer implemented and users are only created when they…

Hello everyone, I would like to set up the firewall for radius sso. My radius server and switches are configured correct as i can get network access and vlan assignmet and failover based on my policies. My problem is the captive portal as the firewall…

When is Sophos implementing Azure SAML support for the SSL VPN? It's already available in the user portal how long until we can configure this for the VPN, we are contemplating dumping Sophos and moving to something else to get this feature.

im Trying to Authenticate Sophos XH230 with Zimbra LDAP, and i can't it always says "Test connection failed due to incorrect credential". help

Hello, can I change the display name of the authentication server without creating a new server ? I can change everything except the display name. The option is grayed out. Thx

Hi, I have been using Sophos 18.0.1 with AD authentication and its working fine. I have recently installed Sophos SFOS 19.5.1 MR-1-Build278 for testing. Initially it was having NTLM authentication issue, which i sorted out by deleting the nasm and…

Hi all, FW XG v (SFOS 19.0.1 MR-1-Build365) I just have 2 DCs with stas installed. I think stas authentication is working as you like in the capture, logon type is 3 !! But logon type 3 as defined: The STAS agent runs on a member server and…

Hi there, are there any plans that STAS will support IPv6? We are using IPv6 and STAS agent is not able to work if user is using IPv6. Besr regards, Oldrich

Hi, For a project I'm working with it is required to allow remote users with company provided laptops. This laptops are intended for business purposes only and should start a vpn to the in-house XGS firewall and block any direct connection to Internet…

Hi guys, We can't delete some users from sophos firewall. When we tried do this, this message was presented: " Couldn't delete user. A firewall rule, VPN connection, web policy rule, or SSL/TLS inspection rule exists for this user " We already delete…

We have had 1 site for a long time - we have an XG appliance. we have users vpn to the site and then user RDP to connect to internal resources. The user id and logon on the XG are seperate from AD user logon and we are using Sophos MFA. We recently…

Hello guys! I currently have a scenario that uses authentication between the firewall and Active Directory. In this same Active Directory, in addition to the main domain, I have other domains with linked users. In the authentication configuration…

Upgraded from 18.5 to 19.5 recently and found that i am unable to view user / admin QR codes under the authentication / one time password section. If a user changed a phone or lost, we would usually login to XG and see the QR code and scan it on the user…

We are currently using SOPHOS for our Firewall. We would like to tie it into our Azure AD. Since we had issues with RW, we will not put in a AD server on premise and according to Microsoft that AD was going to be phased out and Azure AD was going to be…

Is it somehow possible to identify which groups in SFOS have their source in Active Directory? To me local and AD groups all look the same on SFOS. Even after export of them as entities.tar. That makes managing larger environments with local groups…

hello, we need to use both ssl authentication with radius/mfa for admins and no mfa for normal users. ssl authentication servers are radius and AD. when i (admin user) connect to openvpn, i need to use mfa but if i wait without validating mfa, i…

Hello all, We are currently trying to change the authentication of our Wifi to certificates authentication, but are currently failing in the selection and setup of the RADIUS server. We use an Azure AD (no local Active Directory available) and have…

HOla! tengo un problema y a ver si alguien le ha pasado lo mismo y como puedo solucionarlo. Tengo un DC con DNS "pepito.local" donde tengo un servidor Web publicado al exterior por el dns https://CRM.pepito.com . En la zona LOCAL tengo creada…

So I have an XG firewall that is Authenticated with our 2 local AD Servers and was looking for some assistance with the below. 1. I did a migration to 2 new 2019 DCs last year and even though we kept the IPs the same, the names changed. Now for some…

Hi, there is already discussion from 4 years ago (+) Import Group Wizard hangs at "Select AD groups to import" - Discussions - Sophos Firewall - Sophos Community that got solved. I have this exact problem also today on an XG 230 Appliance that…

I understand that using Kerberos is the new recommendation from Sophos to replace STAS so that nothing needs to be installed/configured on the DC's themselves. I've followed this document: https://docs.sophos.com/nsg/sophos-firewall/18.5/Help/en-us…

Hello Community, I configured some Terminalservers with Intercept X and SATC (Sophos Authentication for Thin client) and User Accounts are recognized and can be used in XGS3300 Firewall rules. So far so good! Now I wish to exclude some User Accounts…