
Chrome/IE11 not passing group to web filter

Hello All

 

I am running Sophos UTM 9.503-4 with Web Filtering via transparent mode and ADSSO auth. I am testing with a current version of Chrome and IE11. I have reviewed the best practices for DNS and running transparent mode with ADSSO. The problem: The group that the user belongs to is not getting passed to the webfilter, therefore the incorrect policy is applied. I have 5 policies in one of my LAN profiles and it always applies the default policy.

The user name is getting passed to the Web Filter.  The domain is getting passed to Web Filter.  I can see this in the logs.  I'm looking for a place to start troubleshooting this....

Here is an example log entry: 

<30>2017:09:14-12:37:13 router-1 httpproxy[6544]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="192.168.100.214" dstip="204.79.197.203" user="3333" group="" ad_domain="HANB" statuscode="200" cached="0" profile="REF_HttProHaWebfilte (HA - Internal LAN ADSSO)" filteraction="REF_DefaultHTTPCFFBlockAction (HA - Default Filter Action)" size="8362" request="0x181a8000" url="https://www.msn.com/" referer="" error="" authtime="377" dnstime="3" cattime="66" avscantime="0" fullreqtime="40494449" device="1" auth="2" ua="" exceptions="" category="141" reputation="trusted" categoryname="Portal Sites" country="United States" application="msn" app-id="311"

 

Cheers,  Dale



This thread was automatically locked due to age.
  • "Group" does populate in our log, Doug, so, Dale, I think you have a problem with the Backend Group definition.

    How does your configuration compare to Configuring HTTP/S proxy access with AD SSO?  Although the article is aimed at Standard mode, 98% of it applies to Transparent mode, too.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
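
To see how widespread the empty `group=""` field is across a web filter log, the following added example (not from the thread or from Sophos) parses the `key="value"` fields of httpproxy access lines like the one posted above and counts requests that carry a user but no group, together with the profile and filter action that was applied. The function names, the second and third sample lines, and the values "4444", "Staff" and "REF_StaffAction" are constructed for illustration.

```python
import re
from collections import Counter

FIELD_RE = re.compile(r'([\w-]+)="([^"]*)"')  # key="value" pairs

def parse_line(line):
    """Return the key="value" fields of one httpproxy access line as a dict."""
    return dict(FIELD_RE.findall(line))

def missing_group_report(lines):
    """Count requests where a user was identified but group is empty.

    Keys are (user, ad_domain, profile, filteraction), so the output shows
    which policy those requests actually fell through to.
    """
    report = Counter()
    for line in lines:
        if "httpproxy[" not in line:
            continue
        f = parse_line(line)
        if f.get("name") != "http access":
            continue
        if f.get("user") and not f.get("group"):
            key = (f["user"], f.get("ad_domain", ""),
                   f.get("profile", ""), f.get("filteraction", ""))
            report[key] += 1
    return report

# Sample input. Line 1 is the entry from the post with some fields dropped;
# lines 2 and 3 are constructed (user "4444", group "Staff" and the
# "REF_StaffAction" filter action are made-up values).
PREFIX = '2017:09:14-12:37:13 router-1 httpproxy[6544]: id="0001" name="http access" '
PROFILE = 'profile="REF_HttProHaWebfilte (HA - Internal LAN ADSSO)" '
DEFAULT = 'filteraction="REF_DefaultHTTPCFFBlockAction (HA - Default Filter Action)" '
SAMPLE = [
    PREFIX + 'user="3333" group="" ad_domain="HANB" ' + PROFILE + DEFAULT + 'url="https://www.msn.com/"',
    PREFIX + 'user="4444" group="Staff" ad_domain="HANB" ' + PROFILE + 'filteraction="REF_StaffAction (constructed)" url="https://example.com/"',
    PREFIX + 'user="" group="" ad_domain="" ' + PROFILE + DEFAULT + 'url="https://example.org/"',
]

if __name__ == "__main__":
    for (user, domain, profile, action), n in missing_group_report(SAMPLE).items():
        print(f"{domain}\\{user}: {n} request(s), no group, {profile} -> {action}")
```

If every authenticated user shows up in the report, the cause is likely global (such as the group definition Bob points to); if only some do, compare those accounts against the ones whose group is populated.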