we have a Sophos 120 with UTM 9.002-12.
I want too use SSL-VPN, but problem starts at the user portal login.
Definitions & Users > Authentication Servers > Servers
I created a AD connection with a AD-USer who is in the Builtin Group "Account Operator"
When I test the connection -> OK
Authenticate example user:
- >User authentication:
- Authentication test passed.
- >User is a member of the following groups:
- VPN_SSL_AD
- User_Portal_AD
- Active Directory Users
-> OK
Automatic user creation and Prefetch is of
Definitions & Users > Users & Groups > Groups
I have added Group
- "User_Portal_AD"
- Backend
- Active Driectory
- Limit to backend
- selected my user group from AD (with the sophos built in tool)
- CN=User_Portal,OU=...,DC=subdomain,DC=domain,DC=local
Management > User Portal
- Allowed Net: Any
- Allowed Users: User_Portal_AD
Network settings:
- Hostname: some name (has this FQDN to be really reachable?)
- Listen: Any
- Port: 443
Now I try to access the User portal. enter username (userPrincipalName) tried CN to.
but allways get the message: Invalid username/password, or access denied by policy.
in AUA log it says:
aua[308]: sys="System" sub="auth" name="Trying x.x.x.xDC-LAN-IP (adirectory)"
aua[308]: sys="System" sub="auth" name="Authentication failed" srcip="x.x.x.x" user="testuser" caller="portal" reason="DENIED"
since I tried LDAP (I think) I get the message
aua[3236]: Use of uninitialized value $ref in pattern match (m//) at aua.pl line 752, line 466.sometimes too.
Is there any failure in my config? any hints?
do I have to add some firewall rules?
hope this is the right subforum.
br Bernhard
This thread was automatically locked due to age.
