Hello, we are migrating a lot of customers from UTM to XGS/SFOS. With UTM the customers used AD SSO for authentication for web protection (different AD-groups and webfilter profiles). With UTM we never had any issue with AD SSO! Now with SFOS we ALWAYS…

Is it possible to configure SFOS to authenticate different users on different domains? My work has merged with another company. Network wise the two are joined. I've successfully added the 2nd domain server and a test connection is successful. …

Hello we are disbled NETBIOS / WINS for our Domain Network on client side. Since we did this we have problems to authentificate on our domaincontroller through VPN SSL. With VPN IPSsec all is fine. Also in LAN all is fine. Both, SSL and IPSec using the…

Hi, what is the status of this development, when is it coming? has sophos not yet understood how important this is for customers? the workaround that you send to people here in the forum does not always work properly either. we need a solutions, now…

Dear community, A deployed XGS 107, with the following configuration; Ports LAN and WAN Connected Gateway firewall -Routing & DHCP Enabled. Fails to show Live users ( data) whereas Live Connections are detected in the Network traffic. …

Hello, i'd like to report a possible bug without to make a case. We're using SFOS 19.5.3 MR-3, and tried to activate MFA for VPN or the userportal. Of five users, we had always two people who had problems with a OTP timestamp of more than 30 sec …

Hello, we use a XGS 2300 SFOS 19.5.3 MR-3-Build652 and I activated MFA for my account. When I login I can scan the QR code and I can see that a token is generated but everytime I log in it says that the QR code is unused and I should scan it again…

Our STAS users are added to Open Group instead of AD group. When using user portal users are added to the correct AD group. Any ideas why STAS users are not in the correct Group ? Can STAS run as non administrator account ? In STAS logs on DCs…

Dear Experts, We are using Sophos CAA (Client Authentication Agent) v2.0.1 to Authenticate our users for accessing the Internet, Now we're in the process of hardening our AD by implementing Microsoft Baseline Security policy on our Domain Controller…

We have activated the blocking function when someone had too many failed logins. While this is quite useful to block unwanted third-party login attempts, we sometimes have our own VPN users which fail to enter their password correctly or the TOTP. Is…

Hello, I have configured Sophos STAS on a new Active Directory domain. Everything works except the workstation polling via WMI. In the test utility I get an "access denied". in the event viewer of the workstation i have this error: Event 10036…

how do I remove a group member from the Sophos firewall authentication group? I can add members to the group and view group members, but I unable to delete.

Hi, Sophos is synchronized with Active Directory (AD), and when we disable a user's profile in AD, they should no longer appear in the Sophos user list. However, I noticed that some disabled users are still showing up in the Sophos user list. My question…

Dear Experts, I am configuring SMS gateway for guest users to access the Internet, our firewall firmware is on SFOS 19.5.2 MR-2-Build624, i am getting error "Response string:ERR_MOBILE"while Testing the connection please find the screenshot. can any…

I hope that I might be able to find an answer to my problem here. I have joined the Sophos XGS to the domain. The AD object looks good. The Sophos XGS name is configured with FQDN. Unfortunately I get this error message for Kerberos: "Cannot initialise…

We're using STAS and wanting to implement SATC for Terminal Servers Followed the documentation below, but now the system account is smashing the Authentication log with failures https://docs.sophos.com/nsg/sophos-firewall/20.0/Help/en-us/webhelp/onlinehelp…

Getting hundreds of these in the log for Authentication: Cannot establish NTLM authentication channel with Have read through all the other forum posts and they say to disable AD SSO in Device Access, but it's already…

Hello Sophos Community, I'm currently facing an issue while attempting to configure Azure AD Connect for the Sophos Firewall Admin Console, following the tutorial provided here . Despite meticulously following each step outlined in the tutorial, I…

Hi there, i'm securing our company network a little bit more and want to use the "Match User"-Feature within the fw rules. We're running a central Sophos XG135 cluster an a bunch of branch offices, which are connected via pfSense and IPSec-tunnels…

NPS is working perfect with Sophos MFA via onpremise VM try to migrate it to Azure vm but keep getting error: A RADIUS message was received from the invalid RADIUS client IP address 169.254.0.1 on the new NPS server. Any Ideas?

Hi All, We have 2 Sophos XG Firewalls setup in HA and using NTLM / Kerberos authentication. We notice that in Active directory there is only one firewall computer account showing and was wondering if that is ok or if there should be 2 accounts …

This seems not to work anymore Sophos Firewall: Create multiple AD Server entities in SFOS for multi domains When I try to do the last step I get the message "Please enter a valid server address in field "Server IP/domain"." I need to somehow…

Hello, we try to work with the PPTP Client vom Windows 10/11 and it doenst works with AD Users. If i try a local user from the Firewall works everything fine, but on AD Users i receive an error that the credentials are wrong. I have tried with DOMAIN…

I've been trying to install sophos network agent on android to authenticate, but on playstore it is not showing the install button the phone has android version 13 is there any way to do this????