Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 10 replies
  • Subscribers 5 subscribers
  • Views 25139 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Strange issue with Sophos UTM Web Protection

RichardHughes1

Hi,

Firstly, I have got to admit, getting here was quite a challenge. It would appear that the Astaro forums have gone now, and this is it's replacement. I can't say that my experience from this new replacement has been good, the overall feel to this isn't very user friendly, just my opinion. Good were the days where you could easily log-on to a forum and start a new thread, where as now, with this replacement, you have to work out how to actually log-on and then join a group before you can create a question... what?!!

Going off topic here, I'll get to the reason why I am here today. For a while now, I have had an intermittent issue with Web Protection and Active Directory SSO authentication, where all web access is blocked. This occurrence only occurs after either a restart of the Sophos UTM or by a restart of ALL domain controllers. This issue only affects devices which use a profile with Active Directory SSO authentication set as the default. I have discovered that when this issue occurs, if I simply visit the eBay website, all web access is restored. If I do not visit the eBay website, all web access is denied by Sophos Web Protection. Web access appears to be fine when using Agent/Browser authentication, this issue does not affect devices which use a profile with Agent/Browser authentication set as the default.

I really don't know what is going on here, the issue has been on-going for some time now and it is getting quite annoying now. Has anybody else experienced this strange anomaly? 

Regards,
Richard



This thread was automatically locked due to age.
Parents
  • 0
    Hi Scott,

    Transparent authentication used to work fine, it wasn't until I applied an update, where this problem began. When this issue occurs, there is no prompt for authentication. For example, if you try to visit a website after the UTM has been rebooted, you are sent straight to the "Category blocked" page when transparent with AD-SSO authentication is used. If I visit the eBay website when this issue occurs, for some reason, all web access is restored and the UTM magically detects the user. If I do not visit the eBay website, I will be presented with "Category blocked", where the logs will show a blank username, e.g. "".

    As I had mentioned in my previous post, it would appear that forcing clients to use a PAC file has in a way, resolved this issue. I would although, much prefer to have transparent authentication working again as it did previously.

    Regards,
    Richard
Reply
  • 0
    Hi Scott,

    Transparent authentication used to work fine, it wasn't until I applied an update, where this problem began. When this issue occurs, there is no prompt for authentication. For example, if you try to visit a website after the UTM has been rebooted, you are sent straight to the "Category blocked" page when transparent with AD-SSO authentication is used. If I visit the eBay website when this issue occurs, for some reason, all web access is restored and the UTM magically detects the user. If I do not visit the eBay website, I will be presented with "Category blocked", where the logs will show a blank username, e.g. "".

    As I had mentioned in my previous post, it would appear that forcing clients to use a PAC file has in a way, resolved this issue. I would although, much prefer to have transparent authentication working again as it did previously.

    Regards,
    Richard
Children
No Data
Unfiltered HTML