We are experiencing an issue with authentication failures due to username not being retrieved a full username with the Heartbeat Auth Client. If I login via web client it authenticates properly. For example user1@domain.local. The logs are showing it…

hello there , I am using the radius server to authenticate my clients , I configured the radius server and every things working fine , but when the Firewall sending Request to my radius server it is not sending the general attributes that the other brands…

I am running Sophos XGS 19.5.2 MR-2-Build624 in an active / passive cluster. I have configured IPSec VPN for 150+ remote users. I have enabled MFA for all Users. I have a small 3rd line support team, but want to provide access to my servicedesk to administer…

Good day Folks, I'm trying to get the following scenario to work for "STAS over IPSEC with authentication at Head office instead of branch": 1. User signs in at branch office 2. HEAD office firewall picks up or gets the authentication forwarded…

Hello! Just wondering if there is any way to handle / block unmanaged access points in the network. I am using XGS3300 as firewall. The network is working on DHCP and the APs automatically connect to the network. Though the first user is asked for authentication…

Disclaimer: This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment. Table of Contents Overview Background Configuration…

We are currently facing an issue with our Sophos XG230 Firewall configuration related to LDAP user authentication and group assignment for SSL VPN profiles. Current Configuration: Firewall Model: XG230 Firmware: XG230 (SFOS 19.5.2 MR-2-Build624…

i try to connect my AD with sophos firewall 19.5.2 but dont work; i do all step on this document Sophos Firewall: Best practice for STAS but dont work i do all test and i have communication but never show me user on firewall and log only saw this error…

hi all, people with iphones that have the 2FAS app cant scan the QR code that appears on there user portal as we do 2fa for openvpn weird thing is people with android can scan there QR codes fine no problem thanks, rob

XG550 (SFOS 19.0.2 MR-2-Build472) This is specially directed to Sophos: Hello SOPHOS, i tried to import a Sophos XG created TOTP into Sophos UTM which is handling reverse proxy functionality with reverse auth including totp (because sophos xg is not…

i want to configure Guest portal with SMS , please guide me how to do it? how it will work? SFOS 19.5.2 MR-2-Build624

Hello everyone, I have configured user authenticate via Active Directory. I synced groups on AD to firewall already, AD's user can login to firewall user portal. Problem is if that logged in user in default OU such as "User" or "Computer" on AD, synced…

Hi, i have implemented STAS , i need redundancy in case my domain controller is down how to do that. Thanks satya

Hallo, vielleicht hat jemand einen Tipp für mich. Wir haben eine XGS 136 mit der Firmware 19.5.2 und haben Probleme mit der AD SSO Authentifizierung über Kerberos oder NTML. Wir haben zwei AD Server die wir erfolgreich in der XGS hinterlegt haben…

Disclaimer : This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment. Table of Contents Overview Pre-requisites Troubleshooting…

We have a local DC with our domain users set up. No more than about 10 users. We use sophos XG firewall for some users to access local resources using the sophos VPN client from a PC, with 2FA (using a QR code initially to set up) Users in the sophos…

I have about 50 remote users on a19.5.2 MR2-Build624 firewall. The firewall was migrated over from a previous version that didn't have "Generate OTP token with next sign-in". If I enable this feature will it make all my users reenroll for a new OTP token…

Good day SMS portal throws 403 error when i enter username and password. I do get the first screen but denies the login credentials. it works fine on the external internal. I allowed the URL on the web filter but still it does not take the login credentials…

I need to know if I can use a user with less privileges than administrator account to sync our AD with our Sophos XG Firewall Greetings!

Hi all, I actually troubleshooting AD-user login to user portal. System is XGS2300 actually patched. I setup AD user to be able to use SSL following this article https://support.sophos.com/support/s/article/KB-000038367?language=en_US . I did that…

Hello, Can you please tell me, how can we import users via CSV file in XG210 (SFOS 19.5.1 MR-1-Build278).

Sophos XGS - User Authentication with BYOD we have a network setup in which domain-joined users authenticate via Stas. However the challenge is with BYOD users - as of now we have wireless setup in which a radius server authenitcate BYOD users via…

Good day, Has anyone been successful in implementing certificate based Radius authentication for wireless clients. My setup includes XGS, APX AP that supports Radius authentication. The kb's i have come across mentions about using PEAP. Will be good…

Hello, Q: How can we add / change E-Mail-address for ALL AD users? "Purge AD Users" does not update that attribute. We need this for quarantine digests. Not any user has the need to logon at userportal and/or connect via IPSEC - both adds / changes…

Hello Sophos Community, I have the following problem and hope that you can help me. I have configured STAS in my company, which works really well so far. However, I have noticed a scenario that my users keep stumbling across that STAS does not cover,…