Hello I am trialling an XGS VM running SFOS v18.5.3 MR3. I have setup AD Sync for users and groups. We will specifically be using AD groups to control web filtering. Must all users first navigate to the user portal before the XG will place them…

Is there a recommendation how to use the AD home folder feature when using Intercept-X, Heartbeat and User Authenticated firewall rules? The folder will not mount because it happens very early at the user logon on the endpoint and the user is not…

Hi, I'm currently evaluating the XG as a Replacment for our SG Cluster. My Problem is that the NTLM and Keberos Authentication is not working and I'm redirected to the Captive Portal. I tried to find a Logfile where the AD Join is logged but I ha…

Hello, I'm experiencing an issue related to DCOM error logs generated in Active Directory. I saw that they already have several records for other users, who faced the same problem with these logs, but in none found a solution or some conclusive answer…

My topology is as the image above. I have an IPSEC tunnel between the branch office and head office. I have an AD server at the head office site. I want to configure Active Directory authentication on the XG at the branch office using the AD server at…

Hi all, we have two XGS2300 running in active-passive-mode. Firmware is SFOS 18.5.2 MR-2-Build380. We have AD authentication configured and I have questions regarding the AD. In the Sophos documentation ( docs.sophos.com/.../index.html) there…

I have two Sophos XG's both XG 230's and one Active Directory server. I have tried to integrate both XG's to the the AD server using the exact same parameter's. On one XG the integration is successful but the other refuses. It throws an error, Test connection…

Hi All, Recently one of our clients who have a server setup with a Sophos XG210 at their HQ have opened up a new branch that only has desktops and no servers. Machines are connected to a domain and a few of the users from head office have moved to the…

Hi All, For secure AD authentication it seems Sophos advice is to install AD CS and create an AD CA on every AD server you use. Link: https://community.sophos.com/sophos-xg-firewall/f/recommended-reads/128222/sophos-firewall-how-to-integrate-active…

Hi all, I cannot remove an AD user from the users tab. This user has no firewall rule attached, nor is any VPN enabled, and no web policy active. I am on version 18.5.2 csc.log shows this: MESSAGE Mar 01 17:40:19Z [worker:26569]: {"request":{…

Hello, the AD authentication for the user portal and all other services is not working. I configured it according to this guide: https://docs.sophos.com/nsg/sophos-firewall/17.5/Help/de-de/webhelp/onlinehelp/nsg/sfos/learningContents/ConfiguringActiveDirectoryAuthentication…

Hello World, Is it possible to configure Sophos XG to authenticate users for internet access once they sign in to their workstations? If not is it possible to force the browser to re-direct the user to the network authentication portal? Also, if…

Hi We have setup AD authentication on our XG and imported a "VPN Users" AD group on to our XG. The VPN Users group is assigned to the SSLVPN. If a user authenticates via the SSLVPN 2.1 client, a user is created in the "VPN Users" group on the firewall…

I have added Active Directory Domain controller to the servers list under authentication, imported groups, have users from AD, however, kerberos/ntlm doesnt work. I have made sure that SSO is enabled for the LAN interface and that the browser is using…

In the last couple days I've been trying to give admin access to some users to manage Sophos firewalls via WAN accross multiple sites. However, I have to manually set the user type as "Administrator". Manually setting 10 users or more accross more than…

I have setup AD authentication to our XG for Sophos Connect, everything is working well (users auto import when connecting to the user portal and VPN connects no problems). Is it possible to restrict User Portal/VPN Connections to a particular security…

Hello, We need to implement AD Authentication into a client's environment, the AD Auth will be used for the Sophos Connect VPN client. Unfortunately, the client has 3 different UPN Suffixes (as they utilise 3 different email domains). Please advise…

Hi, i new with XG Firewall and want configure the autentication integration with Active Directory service. I add correctly my AD but dont find the manual for Configure SF-OS to use AD Server Authenticacion, the link is broken and i want configure with…

Hey all. I have setup Active Directory integration and everything seems to be working fine from that aspect. Users are able to login to the user portal using their active directory credentials but when they try VPN the credentials do not work. When…

I need to be able to integrate the XGS116 with Azure AD for web browsing so that active users/connections shows the correct username as opposed to N/A I've currently set it to "Clientless" and added an IP address range so that browsing is attributed…

Good morning, I'm relatively new when it comes to XG firewalls and have a simple question. We currently have AD setup to sync to our firewall for IPSEC VPN authentication. Recently, a user had their name changed, to which we updated in active…

Hey, We have a XG setup with AD authentication, and it seems to be pulling from the username from the "pre windows 2000" field instead of the normal username field. This means we have a customer with a long username (firstname.lastname) where the last…

A customer has a major number of Apple MAC OS computers. The Devices are Active Directory joined, all have Sophos Endpoint Protection installed, the users log onte the computers with active directory credentials. All the customer's locations have Sophos…

I am looking for the possibility to set-up the following: - Sophos XG integration with Azure Active Directory (perhaps LDAP or a software-feature from Sophos) - Sophos XG authentication on the VPN client based on the Azure Active Directory account…

Hi everyone, Im an IT ADMIN of an hospital, I've got issue with Firewall Rules that i want to apply to AD group membership. The thing is that Rules Work Randomly for some users and don't work for another. The rules AD group target is "Users…