• 20.0.0 GA to 20.0.2 MR2 378 - Sophos Connect - SSL VPN - AD Groups not added on authentication

    Fred_B
    Fred_B
    After the XG 210 upgrade to SFOS 20.0.2 MR2 build 378 we now have the issue that firewall rules for AD Group VPN Users no longer work for some SSL VPN users belonging to the AD VPN Users group. We know that IPSEC doesn’t work with AD groups but SSL VPN…
    • 7 days ago
    • Sophos Firewall
    • Discussions
  • how to enable SFOS authentication with different UPN and SamAccountName

    LHerzog
    LHerzog
    I have learned how to support UPN or multi UPN configuration with local Host / DNS registrations on the Firewall directly. I have configured that successfully on the firewall. Sophos Firewall: Authentication Multi UPN configuration But as written in…
    • 22 days ago
    • Sophos Firewall
    • Discussions
  • SSL VPN 2FA options - or how to prompt for the OTP token?

    furicle
    furicle
    I'd like to roll out SSLVPN to some of our users, but the password concatenated with the OTP code is very awkward.... You can't save the password, and you can't easily use a password manager either. Is there some way or 3rd party software that will…
    • Answered
    • 23 days ago
    • Sophos Firewall
    • Discussions
  • AD Authentication Time-out

    Chris Burke2
    Chris Burke2
    This issue just started on Sunday, reoccurred just now. Remote VPN login times-out. I've narrowed it down to an issue with the FW connecting to AD. The "Test Connection" failed. A reboot of the FW fixes the issue (Both times). After reboot, the "Test…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • office 365 user integrate with sophos firewall

    wilfredo Capiral
    wilfredo Capiral
    Hi, im new in sophos firewall, we have office 365 user and what i want is when they will connect to our vpn they will use there office 365 username and password, for authentication. example sophos client or opnvpn connect
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS Radius configuration failed

    admin_idl
    admin_idl
    Hello, We are currently adding authentication via a Radius server on the firewall. Unfortunately, we always get the following message when testing. Does this mean that the username and password are wrong or is it due to the settings that are being checked…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS add Radius

    admin_idl
    admin_idl
    Hello, We want to add a Radius Server on the XGS. Which entry must be stored for the item ‘Groupe Name Attribute’? Where can I find this attribute on the Radius Server? Thank You!
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS Delete a group imported from the AD

    admin_idl
    admin_idl
    Hello everyone, We have imported groups from the AD on the XGS and now wanted to tidy up a bit and remove various AD groups from the firewall again. When trying to delete the groups we get the message: Thank You!
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • VPN with Authentication Active Directory with enumeration blocked

    Tecnologias Imaginadas
    Tecnologias Imaginadas
    Hi. Anyone has configured Sophos XGS SSLVPN with Active Directory Authentication on AD with enumeration blocked? After configure Server on XGS I can authenticate and retrieve groups/users without problem... My problem appears when try to authenticate…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • SSL VPN Fehler 17711

    TobiasSchubert
    TobiasSchubert
    Hallo, seit gestern bekommen Benutzer, welche nur auf der Sophos lokal angelegt sind folgenden Fehler: 17711 - User failed to login to SSLVPN through AD authentication mechanism because of wrong credentials. Warum sucht die Sophos nun plötzlich…
    • 1 month ago
    • Sophos Firewall
    • German Forum
  • Assistance Required: Importing Users from Active Directory to Sophos XG home Edition

    Ahmad Abdeen
    Ahmad Abdeen
    Hello, I am using Sophos XG Home Edition on VMware and have configured it to connect with Active Directory. While I am able to import groups successfully, I do not see an option to import individual users directly from Active Directory. I would like…
    • Answered
    • 1 month ago
    • Sophos Firewall
    • German Forum
  • User member of multiple AD Groups - why not working for MFA / 2FA?

    LHerzog
    LHerzog
    We have AD synced Groups. We use them for FW Rule permissions, SSL VPN access and MFA control on the Firewall. Now we have this scenario: User XY is member of these groups: Group A (used for a firewall rule) Group B (all members of the company,…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • ZTNA Token timeout

    David Barrie
    David Barrie
    How do we configure a requirement for both agent and agentless to require daily authentication? We have attempted this through M365 conditional access policies asking it to request sign in but it has no affect. It seems unsecure to essentially never…
    • 2 months ago
    • Zero Trust Network Access
    • Discussions
  • Now Available! Passkey Authentication for Sophos Central

    jonathan_jesse
    jonathan_jesse
    At Sophos, our mission is to provide industry-leading cybersecurity solutions that not only protect your business but also afford a simple, streamlined user experience. In line with this commitment, we are thrilled to announce that Sophos Central will…
    • 1 month ago
    • Sophos Central
    • Release Notes & News
  • STAS issues with RDP

    jtaylor
    jtaylor
    We use a lot of single user RDP sessions so I've configured STAS with Registry Read polling and it works except for two issues: - When the polling happens every three minutes, the live users for the RDP sessions drop out for up to 10 seconds. - If…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Rant - SSLVPN with Duo RADIUS Proxy Change after SFOS 20.0.0

    jdh201
    jdh201
    So, I wanted to post a bit of a rant here regarding an undocumented change to RADIUS authentication after SFOS 20.0.0 that has broken my DUO MFA implementation. For years I have had my users added from AD and I was able to pull multiple groups through…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Radius Authentication over SD-WAN

    IanR222
    IanR222
    I have radius authentication working locally from the Sophos Firewall to the local radius server for both VPN and for WiFi authentication, however I am unable to get the authentication working from the Sophos Firewall to another radius server at a remote…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • AD SSO operations

    jtaylor
    jtaylor
    Hi, I’m struggling to find documentation about how Active Directory SSO operates (as opposed to how to set it up). The kind of questions I have are… Is the initial browser authentication transparent, or does the captive portal appear for login? …
    • Answered
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • passthrough.fw-notify.net authentication returns "Invalid Request" using return token

    garth1138
    garth1138
    Just upgraded my SG230 Firewall to Firmware 9.720-5. Since then, the usual passthrough.fw-notify URL as shown below: (*****)://passthrough.fw-notify(dot)net/static/auth_transparent.html?return=(****)://www.google(dot)com/ Note: the above (*****)…
    • 2 months ago
    • UTM Firewall
    • General Discussion
  • Feature-request Warning in case of communication failure between Sophos and LDAP

    Patrick81
    Patrick81
    Good morning everyone. Since the function of a company depends on the LDAP query, I would consider it extremely important to receive a warning. If the LDAP query fails. The MTA then no longer checks users if the connection to LDAP is disturbed (it cannot…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Cannot establish NTLM Authentication channel

    DavidSain
    DavidSain
    Lots of posts about this. Here is an example. AD SSO - Cannot establish NTLM authentication channel with xxx Seems like the recommendation is to disable AD SSO in all zones. But what if we want SSO so we can log user web traffic? Why might we want…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Sophos MTA/VPN/VPN-Portal/User-Portal etc. mit Authentifizierung am ADDS

    Patrick81
    Patrick81
    Schönen guten Tag zusammen, folgendes ist mir grade aufgefallen. Wenn das ADDS nicht erreichbar ist, lässt der Sophos-MTA, Mails zum E-Mail-Server durch, an Empfänger die es gar nicht gibt! Dann antwortet der Mail-Server postmaster@Domäne.de sorry die…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • German Forum
  • ZTNA is authenticating but stops loading ... how to debug?

    dirkkotte
    dirkkotte
    ZTNA has stopped working ... possible after uploading new certificates. - open "fhem.ztna.mydomain.de" Authentication is triggered but afterwards i got a black screen - redirect to AZURE-Auth -- authenticating (i try different users) - redirected to …
    • Answered
    • 3 months ago
    • Zero Trust Network Access
    • Discussions
  • SOPHOS STAS inactivity Timer issue

    Ahmad
    Ahmad
    hi, i have XGS2100 (SFOS 20.0.2 MR-2-Build378).very wired issue is being faced. i am using STAS for user authentication. user rule is down in the rules. on top of all i have created rule in which i added mac address of few users. this rule is not working…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Outlook and teams' application disconnect frequently

    Rameshwar Apar
    Rameshwar Apar
    Hi all, we are using XG firewall and using STAS authentication for user internet access. we are facing issue with outlook and teams application this application getting discounted frequently, but that time internet is working fine with the system…
    • 3 months ago
    • Sophos Firewall
    • Discussions
>