• Sophos Firewall: How to Enable Multi-factor Authentication/OTP Settings With Captive Portal Authentication

    Vivek Jagad
    Vivek Jagad
    Disclaimer : This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment. Table of Contents Overview Product and Environment …
    • over 1 year ago
    • Sophos Firewall
    • Recommended Reads
  • Two Questions regarding SFOS (MFA and Synchronized user ID OS support)

    seroal
    seroal
    Hi there, two more questions regarding SFOS. 1.) For the MFA via OTP Token, is it possible to cache the second Factor for a certain time, so that is hasn´t to be entered any time a user logs into Userportal/VPN? 2.) It is mentioned in the…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos Connect - Autoconnect - MFA - Remote Users

    Andrew Bryson
    Andrew Bryson
    We have autoconnect enabled for users, and used to have MFA (Sophos) enabled. We had to disable MFA as it was causing grief for remote users with flakey Internet (and no other ISP options available). Internet connections would go down for a few seconds…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Setup MFA on SSL VPN Client With Eset Secure Authentication

    Louis Havenga
    Louis Havenga
    Good day Members, I trust you are well. We are trying to setup MFA for users to use with the VPN. We have Eset Secure authentication and would like to continue to use it as the MFA application. We currently have a Sophos xgs and are using the remote access…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS - Device Access profile for MFA admin only

    Simon Hunter
    Simon Hunter
    I am running Sophos XGS 19.5.2 MR-2-Build624 in an active / passive cluster. I have configured IPSec VPN for 150+ remote users. I have enabled MFA for all Users. I have a small 3rd line support team, but want to provide access to my servicedesk to administer…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • 2FAS cant scan QR code using iphone

    Sophos User1175
    Sophos User1175
    hi all, people with iphones that have the 2FAS app cant scan the QR code that appears on there user portal as we do 2fa for openvpn weird thing is people with android can scan there QR codes fine no problem thanks, rob
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos XG OTP - Why weak SHA-1 and low encryption length?

    Nafets
    Nafets
    XG550 (SFOS 19.0.2 MR-2-Build472) This is specially directed to Sophos: Hello SOPHOS, i tried to import a Sophos XG created TOTP into Sophos UTM which is handling reverse proxy functionality with reverse auth including totp (because sophos xg is not…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • How to import >100 TOTP-Hardware-Token?

    dirkkotte
    dirkkotte
    Did anyone else do this before? Some Ideas? Thx
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos Firewall: Users unable to authenticate via OTP

    Erick Jan
    Erick Jan
    Disclaimer : This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment. Table of Contents Overview Pre-requisites Troubleshooting…
    • over 1 year ago
    • Sophos Firewall
    • Recommended Reads
  • Generate OTP token with next sign-in

    Jae
    Jae
    I have about 50 remote users on a19.5.2 MR2-Build624 firewall. The firewall was migrated over from a previous version that didn't have "Generate OTP token with next sign-in". If I enable this feature will it make all my users reenroll for a new OTP token…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Does Sophos MFA Expire

    WSTC Financial Services
    WSTC Financial Services
    Please does Sophos MFA expire? I configured MFA on SSL VPN about 3 months ago and I had issues connecting sometime last week. I had to delete my MFA account, rescan the QR Code on the user portal before I could access the SSL VPN again. Now two users…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Unsatisfactory implementation of provisioning + OTP in Sophos Connect client

    Quallensaft
    Quallensaft
    Unfortunately, I had to find the following problems regarding OTP + SSL VPN (for me pretty useless regarding the provision feature): General: - User without (manual) first login (without existing OTP) are not supportet -> no login possible without OTP…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XG/S v19.x+: Verwendung der Firewall eigenen OTPs im Authentifizierungsmodul der WAF (Web Server Protection)

    UweGreßhake
    UweGreßhake
    Hallo, hat jemand Erfahrung damit oder kann Tipps geben, wie man bei einer XG / XGS die systemeigene OTP Funktionalität in den Authentifizierungsmodulen der WAF ebenfalls aktivieren kann, ggf. über die Advanced Shell? Über den Webadmin der XG/S ist es…
    • over 1 year ago
    • Sophos Firewall
    • German Forum
  • Sophos XG Firewall - IPSEC VPN MFA ISSUE with OTP PIN

    Martin Hampl
    Martin Hampl
    Hi, I have XG125 (SFOS 19.5.1 MR-1-Build278) and IPSEC Remote Access for the users with internal OTP MFA. Remote users started to report disconnecting the VPN during the day, BUT also the need for MFA PIN to be entered multiple times a day. For example…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos Connect MFA prompt with .ovpn files now that Sophos have broken Sophos Connect profiles

    jamesharper
    jamesharper
    Now that Sophos have effectively broken .pro configuration files with 19.5.2 by disabling the user portal WAN access after 90 days of no use, i'm looking to migrate everyone to using imported .ovpn files instead. This carries a bit more initial setup…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • New QR Code

    Wilson Natanauan
    Wilson Natanauan
    How do I generate a new QR Code for the users we have users who have been issued with a new Iphones , they have wiped out the old phones with the Sophos Authenticator App as a result , they cannot setup their Account to the new Phone because they…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Connect Client Provisioning Files with MFA enabled

    DavidSain
    DavidSain
    I setup a connect client with a provisioning file. Had Authentication to an AD server setup. When the user connects for their first time while using a provisioning file, it works beautifully. Now, enter MFA. Because most places want some extra security…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • MFA on web authentication

    Guilherme Silva1
    Guilherme Silva1
    I am using MFA for certain users, using it in Web Admin Console, SSL VPN and User portal in which there is no way to disable it. However I would not want to require MFA for web authentication, for example, an unknown user is directed to the web portal…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Change OTP Name for authenticator apps

    JohnnyInc
    JohnnyInc
    Hello Sophos and everyone else, we are in the progress from switching all of the UTMs to XGSs at our customers. Unfortunately we are facing a little problem with the OTP implementation at XGS. At the (Google) Authenticator App we see the following…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Bug: SSH keys disappear when Admin has 2-Factor authentication enabled

    LHerzog
    LHerzog
    There may be a bug in SFOS regarding SSH keys. we noticed on 2 different SFOS firewalls, one XG430 (SFOS 19.0.1 MR-1-Build365) and one XGS136 (SFOS 19.5.1 MR-1-Build278) that SSH Keys you add here: after you have enabled Multi Factor Authentication…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Multi Site XG and MFA

    Ray Banville
    Ray Banville
    We have had 1 site for a long time - we have an XG appliance. we have users vpn to the site and then user RDP to connect to internal resources. The user id and logon on the XG are seperate from AD user logon and we are using Sophos MFA. We recently…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos Firewall: Enable separate (3rd) input box for SSLVPN MFA instead of Password+OTP.

    Alok
    Alok
    Disclaimer : This information is provided as-is for the benefit of the Community. Please contact Sophos Professional Services if you require assistance with your specific environment. Table of Contents Overview Sophos Connect Provisioning…
    • over 1 year ago
    • Sophos Firewall
    • Recommended Reads
  • QR code missing in SFOS 19.5.0

    itguy318
    itguy318
    Upgraded from 18.5 to 19.5 recently and found that i am unable to view user / admin QR codes under the authentication / one time password section. If a user changed a phone or lost, we would usually login to XG and see the QR code and scan it on the user…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • SSL VPN with and without radius/mfa

    Louis D
    Louis D
    hello, we need to use both ssl authentication with radius/mfa for admins and no mfa for normal users. ssl authentication servers are radius and AD. when i (admin user) connect to openvpn, i need to use mfa but if i wait without validating mfa, i…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos XGs MFA authentication with push notifications

    Ignas Butrimas
    Ignas Butrimas
    Hello, maybe are some way to setup MFA auth with Azure AD MFA with push notifications? I mean when connect to Sophos XGs (User portal, Admin portal, VPN) in your phone pop-up window in you MS Authenticator app in the phone and you need only to allow…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • View related content from anywhere
  • More
  • Cancel
<>