This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM / User Portal: Works about once per day (locally defined users, not AD)

I am able to authenticate about once per day on the user portal with one user on one computer.
If I do it again with another user's credentials, I get the rather meaningless "user/password wrong or policy blocking" - popup.
I do it again the next day, I get again one shot.

With about 50 users who I would like to advise to look into their spam reports online... that's a tiny bit of a complete road block.

Some part on the Sophos UTM seems to cache a part of the login configuration, and simply rejects anything but the first remoteIP:userLogin pair.

a) Is there a way to debug this behaviour, to validate my theory?
b) Is there a way to circumvent this behaviour, e.g. by adding an undocumented parameter that skips the cache? (?no_cache=1 does NOT help.)
c) Is there a way to fix this behaviour by means of a hidden configuration setting? (I don't mind logging in as root and set some obscure flag, as long as things work afterwards...)



This thread was automatically locked due to age.
Parents
  • Under Web Protection -> Filtering options -> Misc there is a caching section. 

    I don't know whether or not this could be the culprit, since I have always had this off. I don't think there's real benefit in having it on especially with high-bandwidth connections. If your's is on you can at least try to clear the cache or also disable to function and see if this changes things.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • Wow, spot on!
    Thanks a huge lot, apijnappels!

    I'd never have guessed that section to be related to this issue. (It's still quite puzzling, because the "cache ssl content" checkbox was unmarked, and we do use (self-signed) https - connections for the portal, so the cache shouldn't have interfered either way. But it did!)

Reply
  • Wow, spot on!
    Thanks a huge lot, apijnappels!

    I'd never have guessed that section to be related to this issue. (It's still quite puzzling, because the "cache ssl content" checkbox was unmarked, and we do use (self-signed) https - connections for the portal, so the cache shouldn't have interfered either way. But it did!)

Children
No Data