I have two Sophos XG's both XG 230's and one Active Directory server. I have tried to integrate both XG's to the the AD server using the exact same parameter's. On one XG the integration is successful but the other refuses. It throws an error, Test connection…
Hi all,
we have two XGS2300 running in active-passive-mode.
Firmware is SFOS 18.5.2 MR-2-Build380.
We have AD authentication configured and I have questions regarding the AD.
In the Sophos documentation ( docs.sophos.com/.../index.html) there…
Hi All,
Recently one of our clients who have a server setup with a Sophos XG210 at their HQ have opened up a new branch that only has desktops and no servers. Machines are connected to a domain and a few of the users from head office have moved to the…
Hi All,
For secure AD authentication it seems Sophos advice is to install AD CS and create an AD CA on every AD server you use.
Link: https://community.sophos.com/sophos-xg-firewall/f/recommended-reads/128222/sophos-firewall-how-to-integrate-active…
Hi all,
I cannot remove an AD user from the users tab. This user has no firewall rule attached, nor is any VPN enabled, and no web policy active.
I am on version 18.5.2
csc.log shows this:
MESSAGE Mar 01 17:40:19Z [worker:26569]: {"request":{…
Hello,
the AD authentication for the user portal and all other services is not working. I configured it according to this guide:
https://docs.sophos.com/nsg/sophos-firewall/17.5/Help/de-de/webhelp/onlinehelp/nsg/sfos/learningContents/ConfiguringActiveDirectoryAuthentication…
Hello World,
Is it possible to configure Sophos XG to authenticate users for internet access once they sign in to their workstations?
If not is it possible to force the browser to re-direct the user to the network authentication portal?
Also, if…
Hi
We have setup AD authentication on our XG and imported a "VPN Users" AD group on to our XG. The VPN Users group is assigned to the SSLVPN.
If a user authenticates via the SSLVPN 2.1 client, a user is created in the "VPN Users" group on the firewall…
I have added Active Directory Domain controller to the servers list under authentication, imported groups, have users from AD, however, kerberos/ntlm doesnt work. I have made sure that SSO is enabled for the LAN interface and that the browser is using…
Hi all,
we have recently replaced a customers firewall with two XGS 126 in active/passive cluster. During the implementation we experienced some issues we wanted to discuss here to find a solution, if possible. I already did some research in the Sophos…
In the last couple days I've been trying to give admin access to some users to manage Sophos firewalls via WAN accross multiple sites. However, I have to manually set the user type as "Administrator".
Manually setting 10 users or more accross more than…
Hello, we have 2 Sophos XG Firewall 430 in active-active HA mode. And I've configured some firewall rules to allow users in some AD groups to navigate. Ex.: I create a firewall rule for each AD group and create a specific WEB Policy for this AD group…
I have setup AD authentication to our XG for Sophos Connect, everything is working well (users auto import when connecting to the user portal and VPN connects no problems).
Is it possible to restrict User Portal/VPN Connections to a particular security…
Hello,
We need to implement AD Authentication into a client's environment, the AD Auth will be used for the Sophos Connect VPN client. Unfortunately, the client has 3 different UPN Suffixes (as they utilise 3 different email domains). Please advise…
Hi, i new with XG Firewall and want configure the autentication integration with Active Directory service.
I add correctly my AD but dont find the manual for Configure SF-OS to use AD Server Authenticacion, the link is broken and i want configure with…
Hey all. I have setup Active Directory integration and everything seems to be working fine from that aspect. Users are able to login to the user portal using their active directory credentials but when they try VPN the credentials do not work.
When…
Hi there,
I am currently testing an XG3300 model to replace our Untangle UTM and am running into issues with the AD Authentication and the Username that it records. We have an addtional UPN in our AD that we use as the logon name for students/staff…
I need to be able to integrate the XGS116 with Azure AD for web browsing so that active users/connections shows the correct username as opposed to N/A
I've currently set it to "Clientless" and added an IP address range so that browsing is attributed…
Good morning,
I'm relatively new when it comes to XG firewalls and have a simple question.
We currently have AD setup to sync to our firewall for IPSEC VPN authentication. Recently, a user had their name changed, to which we updated in active…
Hey,
We have a XG setup with AD authentication, and it seems to be pulling from the username from the "pre windows 2000" field instead of the normal username field. This means we have a customer with a long username (firstname.lastname) where the last…
I am looking for the possibility to set-up the following:
- Sophos XG integration with Azure Active Directory (perhaps LDAP or a software-feature from Sophos)
- Sophos XG authentication on the VPN client based on the Azure Active Directory account…
A customer has a major number of Apple MAC OS computers. The Devices are Active Directory joined, all have Sophos Endpoint Protection installed, the users log onte the computers with active directory credentials.
All the customer's locations have Sophos…
Hi everyone,
Im an IT ADMIN of an hospital, I've got issue with Firewall Rules that i want to apply to AD group membership.
The thing is that Rules Work Randomly for some users and don't work for another.
The rules AD group target is "Users…
Hi, we have a headoffice and three branchoffices. Headoffice uses XG135, branchoffice use 1 x XG 125 and 2 x XG 86
I have created VPNs with automatically created firewall rules. Each branchoffice uses the DefautBranchoffice Policy and the headoffice…