Hi I have two sophos xgs (xgs 2100 & Virtual), i have exported full configuration from XGS 2100 and wanna import it to Virtual Appliance. when i try to import config, everything Are imported except active directory users. i see all local users, but none…
Hi all.
I'm currently facing a problem on an XGS2100 where AD authentication & SSO through Web auth are enabled and working. Just for a few minutes...
Next step on every single client (Windows, Android but not iOS) is lose of connectivity and need…
Hello All,
With sophos xg in the company
AD authentication (stas and CAA)
I have may be 40 rules FW LAN > WAN, but all these rules are with " match known users ", so users or groups are presents
there is no rule witch allow mac@ pc or ip address…
We're moving from SG / UTM and i'm looking for the ability to create custom Webadmin-roles and assign AD-Groups to these roles.
Is there a way to configure this in SFOS?
e.g. Membership in AD Group "Access-Sophos-Webadmin" should allow authentication…
Pls Help!
I'm quite new to Sophos and an trying to use my Active Directory to authenticate users via radius but it refuses to save the server. It passes the connection test on setup but when you come to save it BOOM error.
Pls could someone who is…
I recently configured captive portal on my network using my AD as the autheticator server.
My users can login on their laptops but if they try to do so on their respective phones, they get this error message " User.... failed to login to Firewall through…
Disclaimer : This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.
Table of Contents
Overview:
Error, ADS server name already…
Can Sophos confirm please that SFOS 19.0.1 is still not able to detect staggered group membership of a Active Directory? Because that is what I noticed yesterday.
I tried to use a top level group that contains sub-groups for Firewall rules. If the user…
I was wondering if you could help me setup a a firewall rule so that outside URL (eplatform, used for digital libraries) can communicate with our AD so that users can login with their AD username and password. I have added the external host IP of the…
Hi,
We use AD SSO and Ketboros and everything is working fine however we are getting this message in the logs 'Cannot establish NTLM authentication channel with xxx' Message ID 17945. What is this and how can we stop it please ?
Many thanks
…
Hello,
Have 2 questions related to user authentication.
1. Do we know the sync interval between Sophos XG and Active Directory. .We have disabled few users from AD, however they are still able to authenticate against Sophos Firewall via a captive…
Disclaimer : This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.
Table of Contents
Overview
Adding Active Directory Certificate…
Hi,
we have turned on 2FA for all our users for VPN and userportal.
Currently each user has been added individually to "Multi-factor authentication (MFA) settings".
By doing this we were most flexible. So far so good.
Now we want to switch…
Issue
A customer is faced with a strange problem in the Sophos XGS Fw (v19), After rebooting the firewall or the Active Directory server, certain users are no longer in their group. We add all the subnets to the STAS and log in to the user portal…
Hi All,
I'm currently using CAA to authenticate users to the firewall so that user group-specific rules can be applied. However, it has some issues, especially when a PC is used by more than one user - it installs in the first user's profile folder…
Disclaimer : This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment.
Table of Contents
Overview
AD Users creation process…
A customer is faced with a strange problem in the Sophos xgs Fw (v19) , After rebooting the firewall or the Active Directory server, certain users are no longer in their group .
We add all the subnets to the STAS and log in to the user portal (The technical…
Hi All,
I have an XGS2300 and just updated from 19.0 to 19.0.1.
Everything authenticates. Users can access remote access IPSEC, WiFi (through Radius), and User Portal.
But I keep getting the message "Cannot establish NTLM authentication channel…
Hello,
I have had a problem with duplicated users due to the use of an UPN suffix in Active Directory. The domain was created using a “.local” domain name. However, an UPN suffix was configured to allow the use of a public domain.
This has meant having…
Hello,
i would configure out Terminalserver Access with AD SSO authentication for multi-user hosts.
I follow this article: https://docs.sophos.com/nsg/sophos-firewall/19.0/Help/en-us/webhelp/onlinehelp/AdministratorHelp/Authentication/HowToArticles…
Dear Community.
due to the current not so transparent information I am looking for a supported way to allow users of an RDP session to apply firewall rules based on "Active Directory Groups" basis. This is to prevent that user 1 from group 1 can access…
Hi support,
I have a few questions on configure Active Directory authentication on my XGS.
I have followed the guide here:
Configure Active Directory authentication - Sophos Firewall
When I open the VPN portal, I cannot login using my AD user…
I am not sure where else to request a feature, so I am going to request it here.
It would be nice to be able to tie an active directory group to an XG Admin rule. This way all the users in that AD group can login to the XG Firewall with admin permissions…
Hi,
I have active directory configured and it works. Users can log in to the user portal, vpn, and wifi. Yay!
But, the attributes for the display name and email do not pull over from the AD Server.
Example: The user logs in with username
The name…