• Web authentication through captive portail fail after few minutes

    GaelRAYNAUD
    GaelRAYNAUD
    Hi all. I'm currently facing a problem on an XGS2100 where AD authentication & SSO through Web auth are enabled and working. Just for a few minutes... Next step on every single client (Windows, Android but not iOS) is lose of connectivity and need…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • CAA - Server is not thrustworty! MAC

    alex_germany
    alex_germany
    Whatever "thrustworty" is... my Server isnt Suddenly the CAA stopped working on our CEOs Macbook and he cant work anymore. Reinstalled etc but cant get it running. Got a time limit of "2 hours" then "sophos has to go" :/ Any tips for me?
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Why this user or computer can access to internet ?!

    Fotit
    Fotit
    Hello All, With sophos xg in the company AD authentication (stas and CAA) I have may be 40 rules FW LAN > WAN, but all these rules are with " match known users ", so users or groups are presents there is no rule witch allow mac@ pc or ip address…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • STAS issues with Web protection Policy

    Technik Technik1
    Technik Technik1
    Hello, i have an big problem at a customer site. We switched from UTM to Sophos XGS. We have configured STAS. There is a rule for Internet HTTP/HTTPS access. The rule is open for everyone. I have configured a Web protection Policy. On top everybody…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Add AD User to SSL VPN

    Deb Smith1
    Deb Smith1
    I have my XG set up with both local VPN users and 1 user (mine) authenticating via AD. I've imported the AD OU named Staff where this 1 user resides. I have a new employee coming on, so I created his domain account in the Staff OU. I then logged into…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Web Authentication Problem

    Rajendra Jadhav
    Rajendra Jadhav
    Dear Sir, I am not getting web portal while accessing Internet through web proxy Instead every time it shows certificate error. I have created a web appliance certificate & installed it in PC still every time it asks for certificate & then I have to…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • How to use AD-Group Membership for SFOS Webadmin Roles

    FFin
    FFin
    We're moving from SG / UTM and i'm looking for the ability to create custom Webadmin-roles and assign AD-Groups to these roles. Is there a way to configure this in SFOS? e.g. Membership in AD Group "Access-Sophos-Webadmin" should allow authentication…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Unable to add new authentication server

    Dominic De Robillard
    Dominic De Robillard
    Pls Help! I'm quite new to Sophos and an trying to use my Active Directory to authenticate users via radius but it refuses to save the server. It passes the connection test on setup but when you come to save it BOOM error. Pls could someone who is…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Captive Portal issue

    Keyvan Mote
    Keyvan Mote
    Hi guys I'm new to Sophos, I've got an XGS3100. clients on a specific VLAN have to Authenticate on user portal, After the authentication everything works fine but broadcast domain. they can't ping each other while they're on the same subnet. anyone…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • XG 19.5 otp field

    Bart van der Horst
    Bart van der Horst
    Hi, Is it possible put an otp field in the weblogon pages (admin & users)? Kind regards Bart
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Captive Portal Authentication

    Idris Sanni1
    Idris Sanni1
    I recently configured captive portal on my network using my AD as the autheticator server. My users can login on their laptops but if they try to do so on their respective phones, they get this error message " User.... failed to login to Firewall through…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • ADSSO - Kerberos failed. NTLM works

    schmiegi
    schmiegi
    Hi :) Customer has received an XGS-FW, previously used a SG. AD SSO was set up at orientation of Sophos-Com contribution. ( docs.sophos.com/.../index.html The following problem: NTLM-Auth works without problems KERBEROS fails: "Cannot initalize…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Rpc issue when i pool through wmi using STAS

    satyabrata bastia
    satyabrata bastia
    Hi, i am facing RPC issue when i pool from stas application using wmi method its showing the rpc server is unavailable.
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Should clientless users be able to be assigned by MAC and not IP? (Looking towards IPv6)

    Wayne Folta
    Wayne Folta
    Would it be possible and would it be a good idea to add the capability for Clientless Users to be designated via MAC address rather than IP address? That is, in the IPv6 world. where a machine can have many concurrent and past (but not yet invalid) IP…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • AD Authentication, Nested / Staggered Groups not working

    LHerzog
    LHerzog
    Can Sophos confirm please that SFOS 19.0.1 is still not able to detect staggered group membership of a Active Directory? Because that is what I noticed yesterday. I tried to use a top level group that contains sub-groups for Firewall rules. If the user…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • How does AC work?

    Memorycard
    Memorycard
    Hello everyone, I was curious about the way Authentication Client works. You remember previous version of that? (Cyberoam Generic Authentication Client)? In that version, clients where able to change the IP address of Cyberoam in the setting. So,…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Is there a way to backup authentication/users?

    Miguel Cruz
    Miguel Cruz
    I cant see any option to do so. Thanks.
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • AD SSO - mixed domain and non-domain devices in single zone

    RobertCoupee
    RobertCoupee
    We have a single network & zone which contains both domain-joined and non-domain-joined devices.* For domain-joined devices, we use STAS and all is well. For non-domain-joined devices, we WANT to use captive portal to ask the user to login. However…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • STAS authentication & CAA

    Fotit
    Fotit
    Hi all, I want to know if caa is more efficient than stas authentication? when to use caa and when to use stas ?what could be the difference between stas and CAA? Does CAA automatically require firewall integration with AD? Can we use stas authentication…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • domain users on workgroup computers and no captive portal

    Fotit
    Fotit
    Hi all, normally a domain user, when he tries to connect with a workgroup computer he is automatically redirected to the captive portal, and also an ordinary user who is not a domain user. but I notice that this redirect is gone for domain users, and…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Azure AD authentication for Sophos Connect

    Nez_Pottage
    Nez_Pottage
    I see XGS OS19.5 now allows Azure AD to be used for SSO for admin access to the webadmin. Can the XG also be configured in a similar manner so that users can authenticate to Sophos Connect using their Azure AD details, and any possibility of using the…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • XG processing WMI authentication requests on WAN-Zone / STAS

    FFin
    FFin
    Hi Community, we're using an XGS Firewall (V19) and STAS for authentication of our users. On our domain controllers in stas.log we're seeing an huge amount of these entrys every few seconds: SSO_server_handle_wrkstpoll_req: poll req for '43.129…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • STAS and User logging not working as expected

    Alex Harding1
    Alex Harding1
    Hi all, Hoping someone can point me in the right direction. I have enabled STAS on our Sophos XG. I can see user showing on the STAS Agent on the server. I have also added the server to the XG on the Auth List and connections pass without issue…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • XG - Prevent RADIUS auth from overwriting existing user with default group

    Felix Entrop
    Felix Entrop
    Hi all, I just set up a virtual XG appliance and pretty much everything is working fine, except for one issue. I needed to use Duo proxy as 2FA solution, which is (temporarily) running on the Domain Controller on the LAN (configured as AD client …
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Allow access to AD through SOPHOS XG (So users can login with AD login https://www.eplatform.co/gb)

    Kuldev Sagoo
    Kuldev Sagoo
    I was wondering if you could help me setup a a firewall rule so that outside URL (eplatform, used for digital libraries) can communicate with our AD so that users can login with their AD username and password. I have added the external host IP of the…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • View related content throughout Sophos Firewall
  • More
  • Cancel
<>