Hi;
I'm having trouble with STAS dc connection. After users sign in to windows, the captive portal page appears. They can access the internet after logging in here. I'm getting errors that you see below in DC logs. How to solve this problem?
"DCOM…
HI,
There is another issue after updating MR8, after upgrade it to MR8 it takes few minutes to connect AD users to the domain. when I log in to the PC network icon shows as limited connection after few minutes it became too normal.
Before updating…
Since the implementation of STAS SSO, we’ve had a problem with users being logged out of the firewall (logged out of STAS) when the user is connected to their workstation via RDP. Note, when the user is connected directly to the console of their workstation…
Hey guys.
So, I'm in a bit of a pickle here. I've just deployed a XG on a customer for a POC and enabled STAS. Everything worked fine for a few days, but now every morning I get absolutely no authentication from STAS to the XG box. Searching the logs…
Hi all,
I am constantly hitting an issue with the administrator being the one logged into most PC's due to a service that runs periodically. I get this and I see other posts about it.
I have set the administrator account up in the STAS exclusion…
Currently have a XG unit installed and using LDAP server to authenticate users through STAS. Each time a user goes online, the username on the log is the service account. Looking through the STAS logs and I see that the user is changed each time. Any…
Hello,
I have a problem on a XG210 (V17.1) of my custommer. The STAS worked well for weeks but stopped working this week end after the old DC has been demoted.
The STAS was collecting the informations of the two DCs, it was working, and the custommer…
Firmware Installed : 17.1.0-GA
STAS: 2.2.2.0
Symptoms : XG Firewall successfully configured for authentication for AD , remote users works fine and gets logged under "Remote Users" however Active Directory users are not logged.
Stas.log generates…
Hey guys,
I have STAS set up and running on my system but I am not really getting desired results with my settings.
The authentication side with AD is fine, I have WMI working fine and I can check IP's on the STAS program and WMI tests fine.
I…
Hello,
We are part of a multinational group, and we are not allowed to install any kind of apps on our DCs. My problem is that I'm using Sophos as a Firewall (STAS was installed in old domain and running perfectly) and I want to know what option I have…
Hi All,
We have migrated from UTM to XG.
For the moment we use NTLM, but we wanted to switch to STAS.
I found multiple documentation related to this.
We have 3 DC's. Is the best practice to install the STAS SSO Suite on the 3 dc's.
Or is better…
Hi,
I'm having trouble creating rules by Active Directory user group. I installed SSO Suite correctly on the server, added it as a collector in SOPHOS, and did import some groups. However, when I create rules with imported groups, I realize that there…
Hi, We have a sophos XG authentication problem with zimbra ldap. we are using SOPHOS XG with the latest updates version 17.06, with Zimbra version 8.8.8 We want to use Zimbra ldap for smtp authentication. Here are the parameters we gave to Sophos XG to…
Since installing STAS/XG/interceptX i've noticed my domain computers are taking ages to login. I've disabled interceptX to rule it out (i know this is the authentication group) and had a look at my domain controllers event logs.
I have STAS installed…
Hello i have this problem with the STAS system.
I have 2 XGs, one XG210 (v17 MR5) at the main office site and a XG125 (v17 MR6) at the branch office site.
STA AGENT has been configured on the DC01 to scan my local and remote subnet via EVENTLOG. STA…
Hello,
I have searched the forums for STAS supported configurations, but couldn't find anything specific to my particular environment. I have also worked with support pretty extensively on our STAS configuration, but we simply weren't able to get…
This recent Knowledge Base Article provides step-by-step instructions on how to setup our Sophos Transparent Authentication Suite in an environment with a single Active Directory Domain Controller.
The following topics are covered:
Sophos Clientless…
Hi all,
I have a testcase, I integrated AD with Sophos XG and use STAS. I configured user Test can access to internet, I log on user Test to the machine. Then I log off user Test and log on local account to the this machine. Just like the rule this…
Hi,
Our set-up is as follows:
Two XG330 firewalls in HA
3 domain controllers that have the STAS utility installed.
1 of the 3 domain controller is a network policy server
6 meraki AP's that connect to the meraki cloud platform.
Most of our…
Hi Guys,
New to the forum. we have a XG in our office. and two domain controllers. We trying to get SSO to work. i have configured STAS using the document here:
https://community.sophos.com/kb/en-us/123154
My understanding is that there are two…
Dear all,
I have installed stas and integrated AD with xg310.
Then i did import all the users from AD into Xg-310.
And created a firewall rule to access internet from lan to wan and enabled "match known users" & "Captive portal to unknown users…
I'm looking to install Sophos STAS, so I created a user account to run as the service, svcSophos. I went to services.msc, entered the credentials and it tells me it isn't authorized.
What are the minimum groups this user needs to be added in, or roles…
I have recently deployed STAS in my network. Users are having issues getting proper access to network resources when browsing from the terminal server. What could be causing this ?
Hi All,
I'm having a problem here that part of the AD user are login through web client instead of STAS.
On the XG we have configured the STAS and it is working fine until yesterday we upgraded the box firmware to SFOS 17.0.3 MR-3
Initially all…
I'm about to implement STAS for our Sophos UTM and trying to see if it is best to spin up a RODC so I can allow only local admin rights on that VM. With a DC that is a Global Catalog Server, adding an account to the "Administrators" group under BUILTIN…