• [Sophos XGS] User user@domain.local failed to login to Web Admin Console because of wrong credentials

    RaphaelleB
    RaphaelleB
    Hello, I'm posting a question because I'm having trouble setting up an administrator account generated by the AD for firewall access. My customer wants two of the AD users to be able to log into the firewall administration portal. I have tried…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG 135 - Radius server - Test connection failed due to incorrect credential

    Jaroslav Horník
    Jaroslav Horník
    Hi, in our small company we are using Sophos XG 135. I'd like to use RADIUS server for my VPN connections to verify user as AD integration only allows PAP and Radius allows MSCHAP v2. However, for the love of God, I haven't been able to make it work…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Azure joined PC Heartbeat sending wrong username ?

    qi24
    qi24
    Hello, i am trying to implement SSO for Azure AD users to XG firewall by heartbeat. These are M365 Cloud Only Users . The Username is ex. john.doe@ourdomain.com . Heartbeat tells me that the user is johndoe, without the dot. I guess that this is…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos Firewall users not joining my AD associated group

    Raphel prevost
    Raphel prevost
    Currently running a XG430 19.0. I am currently having trouble having my ad users being linked to the right group. I have created some security groups on my AD, I have synced them up with the sophos firewall using query like this (ou=x,dc=x,dc=.…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • When could the support for Google Authenticator and Authy come for Sophos VPN via 2FA?

    Jokx
    Jokx
    How is it possible that Sophos is still not supporting Google Authenticator, Twilio Authy or any other more wide-scale used 2factor authentication apps? It is claiming to be RFC-compliant and stating that those apps are not? Or what is the problem…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Problem with RED WiFi Authentication

    BeEf
    BeEf
    Hello I am using a RED 15w in my home office to connect to the company. When I connect it directly to the Fritz Box I am able to do so and the Authentication against RADIUS is working. WhenI connect through two devolo dlan550 and dlan650 this is…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Web Filtering Not Detecting Users

    gr33ny
    gr33ny
    Hello A few days ago I started a trial of SFOS 18.5 as a Hyper-V VM, specifically to trial the Web Filtering feature. Our users log on to Server 2012R2 Remote Desktop Servers. I've followed the guides on the website to add an AD server along with…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • AD User Sync in XG

    gr33ny
    gr33ny
    Hello I am trialling an XGS VM running SFOS v18.5.3 MR3. I have setup AD Sync for users and groups. We will specifically be using AD groups to control web filtering. Must all users first navigate to the user portal before the XG will place them…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • XG AD Join for WebProxy SSO

    Marco Hald
    Marco Hald
    Hi, I'm currently evaluating the XG as a Replacment for our SG Cluster. My Problem is that the NTLM and Keberos Authentication is not working and I'm redirected to the Captive Portal. I tried to find a Logfile where the AD Join is logged but I ha…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Radius Test Works but WiFi Won't Authenticate

    JeffCooper
    JeffCooper
    Hi, I'm setting up an XGS to authenticate wifi connections with WPA2 Enterprise to FreeRadius and OpenLDAP running on Ubuntu 20.0.4. I know the LDAP part works because my VPN connections work. Test Connection works in Authentication/Radius. So…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Authentication with Radius blocked by server 2019 firewall

    Sergio Renes
    Sergio Renes
    Hello, So I performed an in place upgrade on one of our domain controllers from 2012 to 2019, so that I don't have to worry about demoting and promoting blah blah blah. Before I upgraded the second DC I wanted to make sure our users can still authenticate…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG: Using Azure MFA with an OATH Token Code for SSL VPN and User portal

    TonyMongiello
    TonyMongiello
    Good afternoon. I was able to set up my XG to accept Azure MFA for Portal and SSL VPN access using a Radius server. This seems to work brilliantly for users who use the Microsoft Authenticator app and push (Appreove/Deny) notifications. We have a handful…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Active Directory Authentication Traffic Coming In Through IPSEC Tunnel Being Dropped as IP SPOOFING

    Ronald Chinomona1
    Ronald Chinomona1
    My topology is as the image above. I have an IPSEC tunnel between the branch office and head office. I have an AD server at the head office site. I want to configure Active Directory authentication on the XG at the branch office using the AD server at…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Authentication problems and domain administrator

    Frank Schmidt1
    Frank Schmidt1
    Hi all, we have two XGS2300 running in active-passive-mode. Firmware is SFOS 18.5.2 MR-2-Build380. We have AD authentication configured and I have questions regarding the AD. In the Sophos documentation ( docs.sophos.com/.../index.html) there…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XGS Filtering (Unauthenticated vs User Groups / Login Portal)

    Greg Conway
    Greg Conway
    I've a setup where we need machines to have a certain amount of access to the web while not authenticated/before login. (for deployments, remote tools, Azure AD login attempts) but we also need for the machine to use the web authentication if they try…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • AD Server Authentication Drops over IPSEC S2S VPN

    Luke Jenions
    Luke Jenions
    Hi All, Recently one of our clients who have a server setup with a Sophos XG210 at their HQ have opened up a new branch that only has desktops and no servers. Machines are connected to a domain and a few of the users from head office have moved to the…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Web filtering not picking up user

    Stuart James
    Stuart James
    Authentication logs show the user is authenticated correctly However when browsing, the web filter doesn't pick up the user, so therefore doesn't apply the right policies Any ideas where to look?
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos SMS gateway required response format

    Akshay Hegde
    Akshay Hegde
    Can anyone share complete details on SMS gateway response format. I had gone through docs. But documentation is not clear. https://docs.sophos.com/nsg/sophos-firewall/18.5/Help/en-us/webhelp/onlinehelp/AdministratorHelp/Authentication/GuestUserSettings…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Sophos XG 430 SMS gateway integration for guest registration

    Akshay Hegde
    Akshay Hegde
    So far I had gone through https://support.sophos.com/support/s/article/KB-000038037?language=en_US https://docs.sophos.com/nsg/sophos-firewallmanager/v17.0.0/Help/en-us/webhelp/onlinehelp/index.html#page/onlinehelp/SMSGWProfileEdit.html Still…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • KERBEROS before NTLM

    Ben@Network
    Ben@Network
    Hello Community, we have users which are allowed to authenticate via KERBEROS only. If this setting in AD set, the user cannot be authenticated from firewall to AD. If we disable this policy in AD the user will authenticated. For me it looks like…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Cannot remove AD user

    EdmundSackbauer
    EdmundSackbauer
    Hi all, I cannot remove an AD user from the users tab. This user has no firewall rule attached, nor is any VPN enabled, and no web policy active. I am on version 18.5.2 csc.log shows this: MESSAGE Mar 01 17:40:19Z [worker:26569]: {"request":{…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Is it possible to pull the group information from the LDAP server?

    XG_suupport
    XG_suupport
    Hello, My XG firewall is integrated with LDAP and I can login with the account from LDAP server. I can see all users account when they are logged in ('user' tab). but I cannot see their group information that I assigned in LDAP server. Is there…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • AD Authentication not working

    Arthur Marx
    Arthur Marx
    Hello, the AD authentication for the user portal and all other services is not working. I configured it according to this guide: https://docs.sophos.com/nsg/sophos-firewall/17.5/Help/de-de/webhelp/onlinehelp/nsg/sfos/learningContents/ConfiguringActiveDirectoryAuthentication…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • How to integrate authentication with Active Directory

    BobbyDigital
    BobbyDigital
    Hello World, Is it possible to configure Sophos XG to authenticate users for internet access once they sign in to their workstations? If not is it possible to force the browser to re-direct the user to the network authentication portal? Also, if…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Prevent AD user creation if not member of imported group

    Dan Williams
    Dan Williams
    Hi We have setup AD authentication on our XG and imported a "VPN Users" AD group on to our XG. The VPN Users group is assigned to the SSLVPN. If a user authenticates via the SSLVPN 2.1 client, a user is created in the "VPN Users" group on the firewall…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>