Can anyone share a roadmap update for getting native Azure AD (otherwise now known as Entra ID) authentication for Sophos Connect on XG appliances? The last thread was closed out nearly a year ago: Azure AD authentication for Sophos Connect - Discussions…

Sophos XGS 4500 19.5.3 Before I fully understood how the Sophos/AD import and integration worked with respect to users, groups, and authentication for SSL VPN I set up AD search scopes to import users. I didnt understand that Sophos would automatically…

After updating to the version SFOS 19.5.3.652, users could not login to the VPN. Authorization is done on ESET's RADIUS server with OTP. The RADIUS server test will run correctly. There is an error in the log - failed to login to SSLVPN through RADIUS…

Hi there, two more questions regarding SFOS. 1.) For the MFA via OTP Token, is it possible to cache the second Factor for a certain time, so that is hasn´t to be entered any time a user logs into Userportal/VPN? 2.) It is mentioned in the…

Servus Ich hab eine Gruppe auf der XGS erstellt die die Internetnutzung für die Nutzer darin einschränkt. Nun möchte ich ein paar Nutzer aus dieser Gruppe entfernen finde jedoch keine Möglichkeit. Wie gesagt ist keine AD Gruppe sondern eine manuell…

Hello I have problem using WMI as logoff detection method on STAS and most of live users disconnect after few minutes from logging to any device I use STAS on DC and Additional DC and I opened all needed ports for DCs and users devices through group…

The captive portal has an option to run in HTTP. But the guest user self registration page by default shows up in HTTPS. Is there any way to make it work in HTTP? We want to avoid any certificate errors.

Good day Members, I trust you are well. We are trying to setup MFA for users to use with the VPN. We have Eset Secure authentication and would like to continue to use it as the MFA application. We currently have a Sophos xgs and are using the remote access…

Hello, I am still relatively new with Sophos products. I've got a Radius server set up to authenticate users to the admin interface, but it's not working. I've reviewed the documentation several times and am unable to determine what I'm missing. I feel…

We are experiencing an issue with authentication failures due to username not being retrieved a full username with the Heartbeat Auth Client. If I login via web client it authenticates properly. For example user1@domain.local. The logs are showing it…

hello there , I am using the radius server to authenticate my clients , I configured the radius server and every things working fine , but when the Firewall sending Request to my radius server it is not sending the general attributes that the other brands…

I am running Sophos XGS 19.5.2 MR-2-Build624 in an active / passive cluster. I have configured IPSec VPN for 150+ remote users. I have enabled MFA for all Users. I have a small 3rd line support team, but want to provide access to my servicedesk to administer…

Good day Folks, I'm trying to get the following scenario to work for "STAS over IPSEC with authentication at Head office instead of branch": 1. User signs in at branch office 2. HEAD office firewall picks up or gets the authentication forwarded…

Hello! Just wondering if there is any way to handle / block unmanaged access points in the network. I am using XGS3300 as firewall. The network is working on DHCP and the APs automatically connect to the network. Though the first user is asked for authentication…

Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment. Table of Contents Overview Background Configuration…

We are currently facing an issue with our Sophos XG230 Firewall configuration related to LDAP user authentication and group assignment for SSL VPN profiles. Current Configuration: Firewall Model: XG230 Firmware: XG230 (SFOS 19.5.2 MR-2-Build624…

Hi Community, i have a problem with one of our customers setups, they're running a windows server 2012 Domain controller and i'm trying to connect the sophos utm 9.716 to it, however it always says failed to bind with this dn and password, server exists…

i try to connect my AD with sophos firewall 19.5.2 but dont work; i do all step on this document Sophos Firewall: Best practice for STAS but dont work i do all test and i have communication but never show me user on firewall and log only saw this error…

hi all, people with iphones that have the 2FAS app cant scan the QR code that appears on there user portal as we do 2fa for openvpn weird thing is people with android can scan there QR codes fine no problem thanks, rob

XG550 (SFOS 19.0.2 MR-2-Build472) This is specially directed to Sophos: Hello SOPHOS, i tried to import a Sophos XG created TOTP into Sophos UTM which is handling reverse proxy functionality with reverse auth including totp (because sophos xg is not…

i want to configure Guest portal with SMS , please guide me how to do it? how it will work? SFOS 19.5.2 MR-2-Build624

Hello everyone, I have configured user authenticate via Active Directory. I synced groups on AD to firewall already, AD's user can login to firewall user portal. Problem is if that logged in user in default OU such as "User" or "Computer" on AD, synced…

Hi, i have implemented STAS , i need redundancy in case my domain controller is down how to do that. Thanks satya

Hallo, vielleicht hat jemand einen Tipp für mich. Wir haben eine XGS 136 mit der Firmware 19.5.2 und haben Probleme mit der AD SSO Authentifizierung über Kerberos oder NTML. Wir haben zwei AD Server die wir erfolgreich in der XGS hinterlegt haben…

Disclaimer : This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment. Table of Contents Overview Pre-requisites Troubleshooting…