Hello,
we try to work with the PPTP Client vom Windows 10/11 and it doenst works with AD Users.
If i try a local user from the Firewall works everything fine, but on AD Users i receive an error that the credentials are wrong. I have tried with DOMAIN…
I;m following the few videos that I can find about how to set up Entra AD SSO for captive portal and VPN but I can't seem to get it working. Are there any step by step instructions that I can follow, other than the published Sophos videos, which seem…
I am adding a new domain controller to our domain and am having trouble adding it to the authentication servers in Sophos. The server is active and working as expected and I've checked all of the same firewall settings as our old DCs. The only difference…
Hi,
I have Sophos Home edition on a machine, which use AD authentication in user-based rules to allow internet. In addition to that we have some IP based rules as well for some devices that cannot be joined (or we don't want to join them) to the domain…
Hello,
i am quite new to the XGS Appliance, coming from the UTM.
We still facing a lot of problems since the migration, one of that is the user authentication for SSO.
The import of the users and the ad groups worked well and most of the useres…
Hi everyone,
We have added AD server with sophos xg 230. And it is showing that "Servers using plaintext connection: 1" in Authentication > Servers .
As you can see above. Please tell me solution.
Regards,
Vaibhav
Hi Everyone,
Sophos UTM user making the move to SFOS firewall and need some help. I am having a diffiecult time getting the settings right to authenticate to Active directory on a new Sophos Firewall. With the Sophos UTM software you entered the Bind…
I notice that even though we only have 2 dc's, our failed password threshold is at 6 tries before locking but it seems people get locked out after only 1 failed attempt.
is this manageable ?
Thanks!
Sophos XGS 4500 19.5.3
Before I fully understood how the Sophos/AD import and integration worked with respect to users, groups, and authentication for SSL VPN I set up AD search scopes to import users. I didnt understand that Sophos would automatically…
Hello
I have problem using WMI as logoff detection method on STAS and most of live users disconnect after few minutes from logging to any device
I use STAS on DC and Additional DC and I opened all needed ports for DCs and users devices through group…
We are experiencing an issue with authentication failures due to username not being retrieved a full username with the Heartbeat Auth Client. If I login via web client it authenticates properly. For example user1@domain.local. The logs are showing it…
Hello everyone,
I have configured user authenticate via Active Directory. I synced groups on AD to firewall already, AD's user can login to firewall user portal.
Problem is if that logged in user in default OU such as "User" or "Computer" on AD, synced…
We have a local DC with our domain users set up. No more than about 10 users. We use sophos XG firewall for some users to access local resources using the sophos VPN client from a PC, with 2FA (using a QR code initially to set up)
Users in the sophos…
Hi all, I actually troubleshooting AD-user login to user portal.
System is XGS2300 actually patched. I setup AD user to be able to use SSL following this article https://support.sophos.com/support/s/article/KB-000038367?language=en_US .
I did that…
Hello,
Q: How can we add / change E-Mail-address for ALL AD users? "Purge AD Users" does not update that attribute.
We need this for quarantine digests. Not any user has the need to logon at userportal and/or connect via IPSEC - both adds / changes…
I need to synchronize an Azure Active Directory of one of our customers that does not contain an LDAP service, the synchronization has the objective of connecting the users of that AD in the VPN IPSec Client, when synchronizing with the firewall I verified…
Hello,
In Sophos UTM SG there was a user prefetch - I am really missing this feature because I need to send quarantine-mails to every user on our on-prem exchange.
Can´t believe that this is not longer implemented and users are only created when they…
I have two Domain controlers and on both installed STAS for twho Sophos XG HW appliance in HA active-pasive. After upgrade from 18.5.4 to 19.5.1 i have problem evaluating user rules. After upgrade i reinstall STAS to newwr vrsion on both DCs. I need reeneter…
Hi guys,
We can't delete some users from sophos firewall. When we tried do this, this message was presented: " Couldn't delete user. A firewall rule, VPN connection, web policy rule, or SSL/TLS inspection rule exists for this user "
We already delete…
Hello guys!
I currently have a scenario that uses authentication between the firewall and Active Directory.
In this same Active Directory, in addition to the main domain, I have other domains with linked users.
In the authentication configuration…
Is it somehow possible to identify which groups in SFOS have their source in Active Directory?
To me local and AD groups all look the same on SFOS. Even after export of them as entities.tar.
That makes managing larger environments with local groups…
hello,
we need to use both ssl authentication with radius/mfa for admins and no mfa for normal users.
ssl authentication servers are radius and AD.
when i (admin user) connect to openvpn, i need to use mfa but if i wait without validating mfa, i…