Hello, we are missing some features since our migration to Sophos. We put these as ideas in the portal which is now gone. Now nowbody knows what is suggested and there is no feedback, too. So as a question to the insiders: will the hotspot function…

Hello, today we had a strange situation on SFOS 19.5.1: a VPN user logged in with wrong credentials several times. In the XG log this was shown as VPN auth failure in log as expected. SFOS does not log the client IP for failed logins anymore,…

Hi, its possible to implement STAS in EVNG virtual device with 30 days License. Need to test virtual before we implement in production any command to check if a user login or logout because its Ip to user mapping. Thanks satya

Client Authentication Agent is not working in our office, i have upgraded all computers to Windows 11 Error it says You are not allowed to log in from this machine Kindly help us on this please Kumaresh St.Joseph's College of Commerce 9…

How do I generate a new QR Code for the users we have users who have been issued with a new Iphones , they have wiped out the old phones with the Sophos Authenticator App as a result , they cannot setup their Account to the new Phone because they…

I setup a connect client with a provisioning file. Had Authentication to an AD server setup. When the user connects for their first time while using a provisioning file, it works beautifully. Now, enter MFA. Because most places want some extra security…

I am using MFA for certain users, using it in Web Admin Console, SSL VPN and User portal in which there is no way to disable it. However I would not want to require MFA for web authentication, for example, an unknown user is directed to the web portal…

Dear colleagues! We are having problems connecting via STAS on newer versions of Windows. In Sophos Transparent Authentication Suite in WMI VERIFICATION, the workstation shows access denied. We even used the key below but it doesn't work anymore. Path…

Hi all, FW XG v (SFOS 19.0.1 MR-1-Build365) I just have 2 DCs with stas installed. I think stas authentication is working as you like in the capture, logon type is 3 !! But logon type 3 as defined: The STAS agent runs on a member server and…

Hello all, We have a problem with one of our software applications. We are using SFOS 19.5.0 GA-Build197. The software needs to connect to a remote server which is only available via site-to-site VPN. The connection is configured and is working (green…

I have two Domain controlers and on both installed STAS for twho Sophos XG HW appliance in HA active-pasive. After upgrade from 18.5.4 to 19.5.1 i have problem evaluating user rules. After upgrade i reinstall STAS to newwr vrsion on both DCs. I need reeneter…

Hi there, are there any plans that STAS will support IPv6? We are using IPv6 and STAS agent is not able to work if user is using IPv6. Besr regards, Oldrich

Hi everyone, I have a big problem with wifi RADIUS and Apple devices. I am using SG330 firewall and APX530 access points, all with the newest Firmware. The problem is this: All of our Apple devices (iPads and iPhones) looses their connection…

Hello Sophos and everyone else, we are in the progress from switching all of the UTMs to XGSs at our customers. Unfortunately we are facing a little problem with the OTP implementation at XGS. At the (Google) Authenticator App we see the following…

There may be a bug in SFOS regarding SSH keys. we noticed on 2 different SFOS firewalls, one XG430 (SFOS 19.0.1 MR-1-Build365) and one XGS136 (SFOS 19.5.1 MR-1-Build278) that SSH Keys you add here: after you have enabled Multi Factor Authentication…

Hi, For a project I'm working with it is required to allow remote users with company provided laptops. This laptops are intended for business purposes only and should start a vpn to the in-house XGS firewall and block any direct connection to Internet…

Hi guys, We can't delete some users from sophos firewall. When we tried do this, this message was presented: " Couldn't delete user. A firewall rule, VPN connection, web policy rule, or SSL/TLS inspection rule exists for this user " We already delete…

Hi - I use the Authentication client for non domain joined machines onsite. I have a guest user who has a corporate machine which uses a VPN to his business network. Rather than create additional rules, I would like him to run the Authentication client…

We have had 1 site for a long time - we have an XG appliance. we have users vpn to the site and then user RDP to connect to internal resources. The user id and logon on the XG are seperate from AD user logon and we are using Sophos MFA. We recently…

Hello guys! I currently have a scenario that uses authentication between the firewall and Active Directory. In this same Active Directory, in addition to the main domain, I have other domains with linked users. In the authentication configuration…

Upgraded from 18.5 to 19.5 recently and found that i am unable to view user / admin QR codes under the authentication / one time password section. If a user changed a phone or lost, we would usually login to XG and see the QR code and scan it on the user…

We are currently using SOPHOS for our Firewall. We would like to tie it into our Azure AD. Since we had issues with RW, we will not put in a AD server on premise and according to Microsoft that AD was going to be phased out and Azure AD was going to be…

Is it somehow possible to identify which groups in SFOS have their source in Active Directory? To me local and AD groups all look the same on SFOS. Even after export of them as entities.tar. That makes managing larger environments with local groups…

hello, we need to use both ssl authentication with radius/mfa for admins and no mfa for normal users. ssl authentication servers are radius and AD. when i (admin user) connect to openvpn, i need to use mfa but if i wait without validating mfa, i…

Hello all, We are currently trying to change the authentication of our Wifi to certificates authentication, but are currently failing in the selection and setup of the RADIUS server. We use an Azure AD (no local Active Directory available) and have…