I am a bit of a newbie to this product but am a fairly competent tech geek. I am using Sophos UTM home edition on my network and having some issues with web filtering using on my MAC clients. I am running a Windows Active Directory environment with mixed Windows, MAC and iOS clients. I have joined the UTM to the AD domain and can authenticate AD users. Web filtering is enabled and I configured it as follows:
Operation Mode: Transparent
Block access on authentication failure: enabled
Enable Device-specific Authentication: enabled
Windows – AD SSO
MAC OSX – Agent
iOS – None
I am also using web filter policies with different filter actions based on two groups and configured as follows:
Adults – Minimal web filtering (only block web ads)
Kids – Strict web filtering
The appropriate users are in their respective groups and can be authenticated by the UTM.
The Windows clients authenticate fine and the correct filter actions are assigned to the individual groups. The Mac clients had issues with AD SSO (ad_user and ad_domain were blank in HTTP logs) so I resorted to using the authentication agent to try and resolve this. What I have found is that by using the agent, I am able to authenticate and use the internet, but the filter action is not correctly applied (everyone gets the default filter action). I checked the HTTP logs and found that the ad_domain is empty. Below is a snippet of what I am seeing:
2015:04:30-07:00:04 utm22 httpproxy[5611]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.168.1.125" dstip="46.255.41.2" user="andy" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="3174" request="0xf9f4000" url="46.255.41.2/" referer="" error="" authtime="0" dnstime="1" cattime="200" avscantime="0" fullreqtime="568258" device="4" auth="0" ua="" exceptions="" category="178" reputation="neutral" categoryname="Internet Services"
I believe this is the cause of not getting the proper filter action assigned but am not sure how to resolve this. My questions are:
1. Is there a way to fix the MAC clients so they will work with AD SSO?
2. If I can’t use AD SSO then what can I do to make the authentication agent recognize the domain so the filter action will be correctly set?
Thanks to all for such a helpful community and I love using the Sophos UTM!
Andy
This thread was automatically locked due to age.
