This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM: force or check authentication via Browser

Is there a possibility to force NTLM Authentication against the UTM Webfilter or is there a possibility to check the Authentication status via the Browser?

Some times we face the Problem, that a User (Administrator) is not Authenticated and therefore Download of Applications (e.g. Firmwareupdates) fails because the administrative rule set is not active.

So, it would be glad, to have Authentication forced and/or checked, without crawling through the logs of the Firewall.



This thread was automatically locked due to age.
Parents
  • Hallo,

    I'm not sure I understand what you're seeing.  Are you working in Transparent or Standard mode?  Is it the user named "Administrator" or do only users that have Administrator privileges sometimes fail to authenticate?  When you crawl through the firewall logs, what are you looking for and what do you find?

    Cheers - Bob
    PS Should I move this thread to the Web Filtering forum?

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi BAlfson

    Thank you for your time.

    We are working in Transparent mode.

    I think, it's not an authentication failure.
    In my opinion, this behaviour is expected, but not very handy.

    Following situation:
    An admin user (user with admin privileges on the Client and on the Firewall) logs in to a Client Computer. At this moment, the Firewall Webfilter is not aware of the respective user. Now this user try to download a Software through third-party application (e.g. Lenovo Firmware updater). This download fails, because the  user is not authenticated against the Firewall (Webfilter log shows user=""). Now he has to open a Browser and open a Webpage that is categorised as only available for authenticated user. At this moment the user will be silently authenticated through NTLM.
    Now he can go back to third-party application and download the software.

    The problems:
    1. the user is not knowing, which websites force an authentication.
    2. he is not able to check if authentication worked or not, without crawling the logs.

    PS: Yes, I think the Web Filtering forum would be the better place.

Reply
  • Hi BAlfson

    Thank you for your time.

    We are working in Transparent mode.

    I think, it's not an authentication failure.
    In my opinion, this behaviour is expected, but not very handy.

    Following situation:
    An admin user (user with admin privileges on the Client and on the Firewall) logs in to a Client Computer. At this moment, the Firewall Webfilter is not aware of the respective user. Now this user try to download a Software through third-party application (e.g. Lenovo Firmware updater). This download fails, because the  user is not authenticated against the Firewall (Webfilter log shows user=""). Now he has to open a Browser and open a Webpage that is categorised as only available for authenticated user. At this moment the user will be silently authenticated through NTLM.
    Now he can go back to third-party application and download the software.

    The problems:
    1. the user is not knowing, which websites force an authentication.
    2. he is not able to check if authentication worked or not, without crawling the logs.

    PS: Yes, I think the Web Filtering forum would be the better place.

Children