This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Android devices dont work with ws1100 web appliance

Any way to get android devices to work if I have a ws1100 web appliance?  Is there an update or resolution coming for this?  The sophos tech support said they did something on the backend to make iphones/ipads  work with my "default" policy (still wish I could get authentication with these). But I need android devices to work also. Why can't sophos make a web based authentication for mobile devices that is ldap compliant? It seems crazy that only my computers joined to active directory can get authenticated.

:21241


This thread was automatically locked due to age.
Parents
  • Hi sophozann,

    There are a couple of settings that change this behaviour.  For example if 'Authenticate all requests against Active Directory' is enabled then every request will be authenticated.  With this disabled, only requests from supported web browsers are.  The other option would be manually exempting an IP range from authentication.

    Once unauthenticated requests have been allowed, a policy needs to be assigned to IP addresses rather than users.  The IP range would be included in:

    - Configuration > Group Policy > Default Groups (To make it a member of Default Policy)

    - Configuration > Group Policy > Additional Policy (To set up a specific policy for unauthenticated requests

    At present the appliance only accepts NTLM authentication.  Depending on the device, you may be able to configure a proxy username/password for NTLM authentication if this is preferable?

    The good news though is that we are currently working on a major new release which will provide an authentication 'Sign-in' page for mobile devices, among other enhancements.  Whilst details are not concrete yet, this is currently expected some time in Q2 2012.

    Hope this helps,

    Tom.

    :21277
Reply
  • Hi sophozann,

    There are a couple of settings that change this behaviour.  For example if 'Authenticate all requests against Active Directory' is enabled then every request will be authenticated.  With this disabled, only requests from supported web browsers are.  The other option would be manually exempting an IP range from authentication.

    Once unauthenticated requests have been allowed, a policy needs to be assigned to IP addresses rather than users.  The IP range would be included in:

    - Configuration > Group Policy > Default Groups (To make it a member of Default Policy)

    - Configuration > Group Policy > Additional Policy (To set up a specific policy for unauthenticated requests

    At present the appliance only accepts NTLM authentication.  Depending on the device, you may be able to configure a proxy username/password for NTLM authentication if this is preferable?

    The good news though is that we are currently working on a major new release which will provide an authentication 'Sign-in' page for mobile devices, among other enhancements.  Whilst details are not concrete yet, this is currently expected some time in Q2 2012.

    Hope this helps,

    Tom.

    :21277
Children
No Data