Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 3 subscribers
  • Views 5661 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

McAfee ePolicy Orchestrator Authentication through Sophos Web Protection

TrotterD

Hello,

I have a Sophos UTM configured in Standard mode and authentication set to use Active Directory SSO.

I have configured the Web Protection policy to allow users that are a member of an Active Directory security group access to the internet.

I am having a problem with a McAfee ePolicy Orchestrator server downloading software and security updates through the proxy server. I have configured the settings to use the UTM as a proxy and set the port and tried variations of the Active Directory user format:-

username

domain\username

username@domain.local

But it seems to refuse to send authentication credentials to the Sophos UTM. I either see no user in the log entry or strangely I see the COMPUTERNAME$ as a user.

I can get the system to work by creating an exception from the server to the URL and skip authentication and URL filtering.

Has anybody else had a similar experience and found a work around.

Thanks

Dave



This thread was automatically locked due to age.
  • 0

    We've had similar issues at my work with my ePo servers, using another proxy (non-Sophos).  Whenever I set up a new ePo server, I have it set up to bypass authentication for the server IP address (allow all web traffic regardless of user).

  • 0 in reply to JordanM

    Hi Jordan, hope you are well.

    Thanks for your input.

    At least I am not the only one who has this sort of experience. I am assuming its McAfee ePo that is having the issue sending credentials correctly rather than the Sophos UTM not understanding them.

    Regards,

    Dave

  • 0 in reply to TrotterD

    I'm not really sure what the root cause is.  In my case, we are using some older Cisco content engines as our proxy and I got around the issue by allowing web access without authentication/credentials... It wasn't really worth my time to troubleshoot.

Unfiltered HTML