We have a Sophos UTM SG 330 (9.707-5) running a Transparent Proxy (not decrypting) with AD enabled authentication. Users connecting to the network (mostly from mobiles) are presented with the Authentication page at connection, login and get internet access. This is all working fine and has been for a number of years.
We now face the issue where we need to temporarily block someone by their username from internet access through the unit. We have created an AD group with the user in and added a new Policy at the top of the list to the Web Filter Profile, matching that AD User group, time always, filter action being a block all.
This works perfectly on a fresh device logging in as a blocked user the first time. However if the user is already authenticated from a device, adding them to this group seems to never 'block' their activity, tested over 48 hours.
Two questions
1. Should we be seeing this block take effect for an already authenticated user?
2. Is there a way to force an individual user to re-authenticate with the Sophos? We can of course reboot the unit and force everyone too, but that seems a bit sledgehammery!
Appreciate any assistance
Jon
This thread was automatically locked due to age.
