Good day all, We are having issues on the clientless SSO that there's multiple account hoping around the end user. Below are the scenario 1) Multiple account sign-in I have login with my AD account and it can be seen authenticated on the AD and…

We have tried to set up SSO in our company and we faced issues while changing from one subnet to another. Since we were under premium support, we raised a ticket but still couldn't solve. Is there a solution to it??

Hello all, after trying STAS for a while, I'd like to try the SSO client too. Finally I cannot understand, I read many threads, how do confirm that the client is correctly installed and working fine? I cannot see any trace of performed logins…

Hello Plz how can i bloc acces to the internet for NON-Aactive directory, or Local User. I already import my AD user and make the policy for only AD User, and check the " Match known users is selected" But i see that all PCs from the local subnet…

Hi I setup a new XG115 and added the AD Server with test connection was successful. Also I installed STAS but I it seems have to have an issue left since I can't login with my windows users. My Server has the IP 192.168.109.211 My XG115 192.168…

Dears I need to configure my domin users to use SSO for internet access without Sohos prompt login page, and this login page only appear for non domain users or who dont have access to my domin. At this moment all users that have access or not have access…

Hi everybody, i would like to know if it is normal to see in log that users authenticating via SSO continously logs in and out. I have this behavior in my network and sometimes its annoying, captive portal appears to som users and they are complayng.…

Hi all, I have setup a 210 with XG and STAS, I want to sync the users from the AD groups, I follow some guides but I can't see any user in any groups. I read some posts about this and they say all the users had to login into user portal so the XG…

Hey guys, I've configured STAS in an AD environment. This AD environment has 5 DCs so I setup 4 DCs as the agents and 1 as the collector. Everything works just fine except only 1 user are always missing from the live users on XG and Collector…

We currently are utilizing STAS for transparent authentication to our Sophos XG firewalls. The issue we notice, is that all users are authenticated with their IPv4 address in STAS. Has anyone been able to transparently authenticate IPv6 and IPv4 users…

Good Day, I'm trying to authenticate mobile phones and tablets (Android & OSX) so I can apply web filtering rules. I don't want to download and user the android/apple app so I’ve searched and found that it might be possible if I use SSO Authentication…

Hello, i have an XG in a branch office with a VPN tunnel to the main office with any-any rules both ways, main office has a UTM with the AD servers, stas is already configured there. the fixes for the broken xg net to net vpn funcitonality are also…

Hello I'm connecting a remote branch office to the main office via VPN (PPTP) connection. In the main office there is a XG Firewall, in the branch office a mikrotik router. I need to authenticate my remote users by using a Domain Controller located…

Subject says it all; if you enable the STAS system for SSO, should you disable NTLM authentication? I am seeing what appears to be collision caused by having them both enabled, I see the SSO client get logged out by the firewall whenever the NTLM login…

So as I have stated in multiple other threads, I do not believe STAS WMI polling is working correctly, at least not for me. It tests ok when I use the test function, but the logs always show the wrong person identified when the STAS client attempts to…

I installed the STAS agent and collector on my domain controller, setup the client and tested as much as I could and everything seems to test ok. I enabled STAS on the XG firewall, enabled User Inactivity, added the collector IP. So far so good. My…

Hello! I have configured SSO via radius accounting in my home network. I use Microsoft NPS on Server 2016 as a Radius server and three access points running OpenWRT. Radius authentication on the accesspoints is working fine and the accounting is configured…

Hi all, We have CR100ING at a customer site (with sophos fw:16.05.0.GA). We are experincing problem. Active Directory sync is working without a problem on Ethernet. Users can go online with SSO authentication. When same user disconnects from Ethernet…

WARNING... Amature looking for guidance. :-) Environment: Standard network Windows Network 2 Active Directory Domain Controllers (for redundancy: BOTH Server 2008 R2) DC 1: 10.130.210.40 (FSMO Roles: PDC, RID pool master, Infrastructure master…

NEED HELP! Background: One-Man-Band IT guy (I do it all from Servers, Printers, PC, you name it... etc) So one of these "Jack of all trades, Master of none" type of guys. So needless to say, time is ALWAYS an issue, and I don't usually have time to constantly…

Hello gays, Purge AD Users from AD Server can automatically do this by schedule? My Firmware is SFOS 16.05.1 MR-1 ChuChien

Please bear with me, I am a 1-man IT band, and am NOT a "Firewall" guy. :-) Background: Simple Network: 2 Active Directory Domain controller Servers (for redundancy) w/ STAS Suite loaded on BOTH controllers. 1 XG Sophos Firewall XG 230 …

Is any two factor authentication application available for Blackberry mobile? Thanks Iffi

Hi All, There's been an issue identified where as if a user has special character in their sAMAccountName, STAS and the XG Firewall will fail the authentication because a user object can't be created because of the special character. I don't consider…

Hello all, First off great product... Problem my SSO is not working with STAS, even with all tests working and XG authentication server added and all ports open "5566,6060,6677" inbound outbound Live user list does populate and shows all AD users…