Connection Resets/Drop off with AD Sync/STAS Enabled

This is an ongoing issue we have had for a couple of months now. Support have been in our system watching. We have pretty much confirmed the cause at our end, but want to see if anyone else has experienced this.

Our setup is an X210 with STAS enabled without the Auth Client installed.

Our rules do not have user-based policies enabled.

What we see are consistent dropouts on the network when firewall authentication is enabled at the service level. When this is removed, the issue goes away. We have confirmed this on one other site with a very similar setup.

Any ideas?



  • Hello,

    I am also digging into the issue, as we are not yet using identity-based policy for our branches-to-HQ traffic flow. At first we didn't notice the issue, as it happens randomly, until I simulated a test lab to replicate the problem with the help of a Sophos support engineer. This is an unresolved bug and the ETA for the patch is not yet announced. Our STAS is currently enabled for our HQ Web policy authentication, and the solution that worked for me is to define all the IP address ranges of our RED branches in the Clientless users definitions, and the issue is resolved.

    The Sophos support knowledgebase suggestion didn't work, until I ended up on the working solution.

     

    From Sophos support:

    It seems like the device is affected by the bug NC-26440.

    At the moment its resolution is provided in the below-mentioned KB article.

    -----------------------------------------
    Article ID: 125468
    Title: Sophos XG Firewall: Traffic dropped during user authentication
    URL: https://sophos.com/kb/125468
