• Sophos XGS Radius configuration failed

    admin_idl
    admin_idl
    Hello, We are currently adding authentication via a Radius server on the firewall. Unfortunately, we always get the following message when testing. Does this mean that the username and password are wrong or is it due to the settings that are being checked…
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS add Radius

    admin_idl
    admin_idl
    Hello, We want to add a Radius Server on the XGS. Which entry must be stored for the item ‘Groupe Name Attribute’? Where can I find this attribute on the Radius Server? Thank You!
    • 1 month ago
    • Sophos Firewall
    • Discussions
  • Rant - SSLVPN with Duo RADIUS Proxy Change after SFOS 20.0.0

    jdh201
    jdh201
    So, I wanted to post a bit of a rant here regarding an undocumented change to RADIUS authentication after SFOS 20.0.0 that has broken my DUO MFA implementation. For years I have had my users added from AD and I was able to pull multiple groups through…
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Radius Authentication over SD-WAN

    IanR222
    IanR222
    I have radius authentication working locally from the Sophos Firewall to the local radius server for both VPN and for WiFi authentication, however I am unable to get the authentication working from the Sophos Firewall to another radius server at a remote…
    • Answered
    • 2 months ago
    • Sophos Firewall
    • Discussions
  • Central Wireless with Radius Certificate Authentication

    Norman99
    Norman99
    Hi, we try to transfer our UTM-Customer with old AP-Models to Sophos Central Wireless with AP6. The Customer uses Certificate based Authentication in combination with Windows Server 2019 Network Policy Service and Active Directory integrated Certificate…
    • 3 months ago
    • Sophos Wireless
    • Discussions
  • Sophos XG does not recognize user group returned by NPS RADIUS server

    Haris Alatovic
    Haris Alatovic
    Hello everyone, I have issue with Sophos XG firewall running SFOS 19.5.4 MR-4-Build718 configured for authentication via RADIUS server running on Windows Server (NPS service) with Azure MFA extension. We use it for MFA for VPN users. It works fine except…
    • Answered
    • 4 months ago
    • Sophos Firewall
    • Discussions
  • Second Radius server is mandatory

    Jens Lattke
    Jens Lattke
    In an enterprise environment it is absolutely mandatory to have more than one radius server (e.g. for two NAC-Devices doing the authentication). To us it's already tragic that we can not realise this on our APX Access Points. But we've just seen that…
    • 4 months ago
    • Product Documentation Feedback
    • Feedback
  • Sophos UTM L2TP over IPSec setup question

    Andrew English
    Andrew English
    I am using 9.719-3. I found this documentation: docs.sophos.com/.../Remote_Access_Via_L2TP.pdf The problem is we are using RADIUS and when the user connect to the VPN DNS does not work. I have even added the DNS servers to the Remote Access -> Advanced…
    • 4 months ago
    • UTM Firewall
    • General Discussion
  • Complete Radius NPS Guide with EAP and certificate available?

    Cero01
    Cero01
    Hello everyone, is there a complete Guide available for setting up XGS and NPS with EAP and certificate authentication? We want to move on from a working EAP and MSChapv2 configuration because it is deprecated. i wonder, do i need to change…
    • 5 months ago
    • Sophos Firewall
    • Discussions
  • SSO RADIUS for vpn portal & vpn connect client

    Mathieu Rojo
    Mathieu Rojo
    Hi, My client already use a radius server for authenticated they users. Actually, only the switch contact the radius. I would like to do the following but I don't know if it's possible: Est-il possible de configurer le portail VPN pour que l'utilisateur…
    • 6 months ago
    • Sophos Firewall
    • Discussions
  • User Duo lockout SSLVPN

    Lance Ecklesdafer
    Lance Ecklesdafer
    Hello everyone, We are running into an issue where the SSL VPN client will drop a connection and then cause a DUO lockout after sending multiple auth attempts. Has anybody found a way to use DUO for SSL (via DUO Radius Server) that will not continually…
    • Answered
    • 8 months ago
    • Sophos Firewall
    • Discussions
  • same SSID with different RADIUS-Servers?

    dirkkotte
    dirkkotte
    Hi all, is there an option to use the same SSID with different RADIUS-Servers in Central Wireless + AP6 ? We have to configure the same SSID for all locations ... but should use local RADIUS-Servers (we have Latency of nearly 1000msec to some locations…
    • 8 months ago
    • Sophos Wireless
    • Discussions
  • Sophos APX and 802.1x network security

    Martin Nowak
    Martin Nowak
    Hi all, we have a XGS116 in place and 5 APX320 and two APX120 in our environment. As our company will definitely fall under NIS2 directive I am currently testing how to secure our internal network. We already use NPS with internal CA and all AD user…
    • 9 months ago
    • Sophos Wireless
    • Discussions
  • RADIUS VLAN Assignment

    Tom Bullock
    Tom Bullock
    Is there an ETA when this will be available on the AP6 series? We have it on the APX series but we are replacing due to them becoming EoL. We have around 3500 APs to replace and might need to look at another vendor.
    • 10 months ago
    • Sophos Wireless
    • Discussions
  • Central Wireless: Access Point falsely reports RADIUS-Server 1812 not reachable for unreplied proxied requests

    LHerzog
    LHerzog
    APX 530 on Sophos Central is using a RADIUS configuration with 111.222.33.22 (just a dummy IP) as RADIUS Server on port 1812. 111.222.33.22 is a RADIUS Proxy. Based on the requested SSID the proxy decides to sent the request to several real RADIUS servers…
    • 10 months ago
    • Sophos Wireless
    • Discussions
  • NPS Server in Azure for MFA

    Lars86
    Lars86
    NPS is working perfect with Sophos MFA via onpremise VM try to migrate it to Azure vm but keep getting error: A RADIUS message was received from the invalid RADIUS client IP address 169.254.0.1 on the new NPS server. Any Ideas?
    • 10 months ago
    • Sophos Firewall
    • Discussions
  • Sophos Central Bug: assign or remove AP to or from AP6 SSID: An unexpected error occurred while processing the request

    LHerzog
    LHerzog
    I have created an AP6 SSID with RADIUS 802.1X. So far so fine. Now, whenever I add or remove an AP6 AP and click save, I get this error An unexpected error occurred while processing the request When I cancel afterwards, the change has been applied…
    • over 1 year ago
    • Sophos Wireless
    • Discussions
  • AP6 problem with VLANs and other configuration issues

    Jarno Hynynen
    Jarno Hynynen
    Hi! We sold AP6 (420E) devices to our customer. But they seem to work completely differet from APX devices. Network basics: Management from Sophos Central. AP's are going to be in management VLAN (70) and NOT accessible from Office network. …
    • over 1 year ago
    • Sophos Wireless
    • Discussions
  • Configuring Sophos Central Wireless SSID with Radius Authentification

    Jerome Droux
    Jerome Droux
    In the Sophos documentation for configuring a Radius Server for an SSID in Sophos Central, it is indicated that you must create a Radius client for the access point with its IP, as well as a Request Policy with its serial number. Following this documentation…
    • over 1 year ago
    • Sophos Wireless
    • Discussions
  • Sophos Switch and Microsoft NPS (RADIUS)

    Matjaz Dobrovoljc
    Matjaz Dobrovoljc
    Hello I am trying to implement 802.1x on Sophos switch with Microsoft NPS server. After configuring all settings on both sides (IP addresses, shared secret etc..) there is no logs from Sophos switch in event log on NPS server. I checked on firewall…
    • over 2 years ago
    • Sophos Switch
    • Discussions
  • SFOS 19.5.3.652 failed to login to SSLVPN through RADIUS authentication mechanism because of access not allowed

    Vojtech Borkovec
    Vojtech Borkovec
    After updating to the version SFOS 19.5.3.652, users could not login to the VPN. Authorization is done on ESET's RADIUS server with OTP. The RADIUS server test will run correctly. There is an error in the log - failed to login to SSLVPN through RADIUS…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Radius Authentication to Admin Interface Fails Despite Valid Test

    CF1 Tech
    CF1 Tech
    Hello, I am still relatively new with Sophos products. I've got a Radius server set up to authenticate users to the admin interface, but it's not working. I've reviewed the documentation several times and am unable to determine what I'm missing. I feel…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Radius Server Attributes are Missed

    Muhammad Elbuvaydani
    Muhammad Elbuvaydani
    hello there , I am using the radius server to authenticate my clients , I configured the radius server and every things working fine , but when the Firewall sending Request to my radius server it is not sending the general attributes that the other brands…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Central Wireless RADIUS: Roaming Clients between APX320 and APX530 lose connection when on APX530

    LHerzog
    LHerzog
    Hi, we notice a strage issue for a while now when WiFi clients are connected to a 802.1X RADIUS WiFi that contains APX320 and APX530 APs that are managed in Sophos Central. Occasionally it happens, when they move in the office and roam between the two…
    • over 1 year ago
    • Sophos Wireless
    • Discussions
  • Radius authentication based on machine certs for wireless clients

    itguy318
    itguy318
    Good day, Has anyone been successful in implementing certificate based Radius authentication for wireless clients. My setup includes XGS, APX AP that supports Radius authentication. The kb's i have come across mentions about using PEAP. Will be good…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
>