• XG - Prevent RADIUS auth from overwriting existing user with default group

    Felix Entrop
    Felix Entrop
    Hi all, I just set up a virtual XG appliance and pretty much everything is working fine, except for one issue. I needed to use Duo proxy as 2FA solution, which is (temporarily) running on the Domain Controller on the LAN (configured as AD client …
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Generate OTP token with next sign-in

    Jae
    Jae
    Hi, I recently upgraded to SFOS 17 to 19.0.1 MR-1 and I used to have access to the user's QR codes as admin. This was handy with remote users when they got new phones or lost their phone I could easily add the OTP token back to their new phone. I understand…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • AD SSO - Cannot establish NTLM authentication channel with xxx

    MakoRantz
    MakoRantz
    Hi, We use AD SSO and Ketboros and everything is working fine however we are getting this message in the logs 'Cannot establish NTLM authentication channel with xxx' Message ID 17945. What is this and how can we stop it please ? Many thanks …
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS and AD sync

    Manu_Mathew
    Manu_Mathew
    Hello, Have 2 questions related to user authentication. 1. Do we know the sync interval between Sophos XG and Active Directory. .We have disabled few users from AD, however they are still able to authenticate against Sophos Firewall via a captive…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG and Duo MFA not working properly, new setup

    Josh Lawrie
    Josh Lawrie
    I am facing an issue with setting up Duo for the Sophos XG firewall. I know Sophos has not built out their dedicated API to work with Duo yet (need to resort to using Sophos UTM application protection in Duo), but I have confirmed that this is working…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • 2FA with AD-Groups

    LHerzog
    LHerzog
    Hi, we have turned on 2FA for all our users for VPN and userportal. Currently each user has been added individually to "Multi-factor authentication (MFA) settings". By doing this we were most flexible. So far so good. Now we want to switch…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos(STAS) logs out AD users

    Farzan Barouj
    Farzan Barouj
    Hello, everyone, In our network we use STAS. a few days ago we disabled NTLMv1 in the network and since then every 5 to 10 minutes all users either get no internet access or get Captiv Portal windows through their browser. Apparently the users are logged…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • XGS 136w - How to setup up STAS and/or SATC for WIndows Remote Desktop?

    Iain Penman
    Iain Penman
    Hi. Been a previous user of Cyberoam firewalls and have a site with Sophos XGS136w device. The firewall is AD integrated, and the domain has STAS configured and operating. This site has a vast majority of users on a Windows RDP server. I'm attempting…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos Firewall | Active Directory Users Not syncing to the groups correctly

    Tharindu Premarathne
    Tharindu Premarathne
    Issue A customer is faced with a strange problem in the Sophos XGS Fw (v19), After rebooting the firewall or the Active Directory server, certain users are no longer in their group. We add all the subnets to the STAS and log in to the user portal…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Cannot establish NTLM authentication channel with <domain>

    Carlos Carvalho
    Carlos Carvalho
    Hi, I recieved this Firewall log, and I don't know what is. Can someone explain for me what is this please? Thanks Carlos
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • AD SSO not working without proxy on Sophos XG 18.0.1 MR-1-Build396

    Moeed Aziz
    Moeed Aziz
    Hi, We have setup proxy on client computer for the sophos xg and AD SSO in place and it just works fine; user starts browsing, gets seemlessly authenticated via AD SSO and surfs on... Now my organization wants to get rid of proxy settings, the traffic…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Missing communication between STAS Agents and STAS Collector

    MichalKawecki
    MichalKawecki
    I wanted to share my observations regarding communication problems between STAS Agents and Collector. We have three domain controllers, one primary and two backup. I installed the nevest STAS application on each of them. One of them was launched in…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Active Directory Issue | STAAS

    Tharindu Premarathne
    Tharindu Premarathne
    A customer is faced with a strange problem in the Sophos xgs Fw (v19) , After rebooting the firewall or the Active Directory server, certain users are no longer in their group . We add all the subnets to the STAS and log in to the user portal (The technical…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • STAS ISSUE SOME USER ARE LOGIN WITH STAS AND SOME USER ARE LOGOUT AFTER 10 TO 20 MIN`

    satyabrata bastia
    satyabrata bastia
    Hi, i have faced issue with STAS configure STAS in firewall and AD and check with user some user logout after 10 to 30 min and some user system are still are in stas. windows system are connected through stas-Windows 10 pro version-1809 os build…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Repeated "Cannot establish NTLM authentication channel with [domain]" messages in Authentication

    JeffCooper
    JeffCooper
    Hi All, I have an XGS2300 and just updated from 19.0 to 19.0.1. Everything authenticates. Users can access remote access IPSEC, WiFi (through Radius), and User Portal. But I keep getting the message "Cannot establish NTLM authentication channel…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Active Directory UPN Suffixes

    cm00001
    cm00001
    Hello, I have had a problem with duplicated users due to the use of an UPN suffix in Active Directory. The domain was created using a “.local” domain name. However, an UPN suffix was configured to allow the use of a public domain. This has meant having…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • User losing authentication

    Bruno H Silva
    Bruno H Silva
    Dear, Some Windows 10 machines started to lose internet connection. I'm using STAS with Active Directory authentication. When the user logs in again to windows, the connection returns. Can anybody help me?
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • STAS ISSUE !!!

    satyabrata bastia
    satyabrata bastia
    Hi, i have configured stas in DC and after configured user and connected through STAS and no login required i have created multiple groups with user rule in sophos.when user login to system i have checked the log its showing as per created rule but…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • XG one user has poblems accessing websites - onclick protection and XG local login 8091

    Fred_B
    Fred_B
    We have onclick protection enabled in Email Gatweay so e-mails with urls have a Sophos substitute url. OnClick Sophos checks the url and when found correct the browser is refered to the correct url. This works as intented. HOWEVER there is one user…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Configure Terminalserver Access with AD SSO authentication for multi-user hosts

    Christian Niemann
    Christian Niemann
    Hello, i would configure out Terminalserver Access with AD SSO authentication for multi-user hosts. I follow this article: https://docs.sophos.com/nsg/sophos-firewall/19.0/Help/en-us/webhelp/onlinehelp/AdministratorHelp/Authentication/HowToArticles…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • How to integrate Sophos FW with Azure AD

    Arya AM
    Arya AM
    We don't have have on-premise AD, need to integrate the firewall with Azure AD.\ We have IPSec tunnel connectivity between FW and AD.
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Cannot establish NTLM authentication with %NETBIOS%

    Joseph  McDonald
    Joseph McDonald
    Hello, I am struggling with NTLM issues (I am not using STAS and trying to use Kerberos) I think I have setup everything correctly. is there any detailed logs I can look at.
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Remote STAS in bridge mode

    Gib GoDesk
    Gib GoDesk
    Remote STAS in bridge mode Hello guys. I'm approving an environment where we have sophos in bridge mode. The following scenario being evaluated. Office: router <-> sophos fw(l2) <-> switches Inside this office we have an AD with STAS, running…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Linking Citrix with Sophos XG Firewall

    Chris GER
    Chris GER
    Dear Community. due to the current not so transparent information I am looking for a supported way to allow users of an RDP session to apply firewall rules based on "Active Directory Groups" basis. This is to prevent that user 1 from group 1 can access…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • connection lost for 30 seconds randomly

    Cristiano de Morais Lima
    Cristiano de Morais Lima
    Hi everyone, a customer where I recently deployed a Sophos XGS 136 is reporting that desktops are losing internet connection for 30 seconds and then returns normally, and that this is not for any specific desktop, but randomly. Is anyone experiencing…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • View related content from anywhere
  • More
  • Cancel
<>