Connection Resets/Drop off with AD Sync/STAS Enabled

Question

This is an on-going issue we have had for a couple of months now. Support have been in our system watching. We have pretty much confirmed the cause at our end, but want to see if anyone else has experienced this. 
 Our setup is an X210 with STAS enabled without the Auth Client installed. 
 Our rules do not have user-based policies enabled. 
 What we see are consistent dropouts on the network when firewall authentication is enabled at the service level. When this is removed, the issue goes away. We have confirmed this on one other site with a very similar setup. 
 Any ideas?

Arvin Carlos · Answer

Hello, 
 I also digging the issue as we are not using identity based policy yet for our branches to HQ traffic flow, In the first we didnt notice the issue as it is randomly happening, until I simulate a test lab to replicate the problem with the help from Sophos support engineer, this is an unresolved bug and the ETA for the patch is not yet announce. our STAS is currently enabled for our HQ Web policy authentication and the solution worked for me is to define all the IP addresses range of our RED branches on the Clientless users definitions and the issue is resolved. 
 Sophos support knowledgebase suggestion didnt work, untill I ended up on the working solution. 
 
 from Sophos support; 
 It seems like the device is affected with the bug NC-26440. At the moment its resolution is provided in the below mentioned Kb article. ----------------------------------------- Article ID: 125468 Title: Sophos XG Firewall: Traffic dropped during user authentication URL: https://sophos.com/kb/125468