Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 4104 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG with heartbeat work with Cisco WAP581 Access point Radius server

Steve Wang

Hi all,

We use Sophos firewall SG210 on XG platform and heartbeat enabled with firmware 17.0.3 MR-3 and existing firewall rules includes if user laptops don't have have green heartbeat, they cannot access servers on premises such as active directory.

We recently deployed Cisco Access points WAP 581 with Authentication using Radius server ( installed on the same server as Active directory). When users are to connect to WiFi, it requires to connect to radius server for authentication before establish wireless connection to the network. However before laptops can connect to the Sophos central which is in the cloud to report health status to the firewall gateway, XG firewall wouldn't permit the client to access to the active directory server, as a result the client fails to connect to the wireless network.

Can anyone shed any light on this topic?

Many thanks in advance.

Steve Wang



This thread was automatically locked due to age.
Parents
  • 0

    Hi Steve ,

    In this case you may need to create a rule to allow the connection to ADserver without any heartbeat option enabled . You may allow the port used for communication between ADS. Bypass Ports UDP:1813 and UDP:1812.

    Once Authenticated there shouldm't be any issue.

Reply
  • 0

    Hi Steve ,

    In this case you may need to create a rule to allow the connection to ADserver without any heartbeat option enabled . You may allow the port used for communication between ADS. Bypass Ports UDP:1813 and UDP:1812.

    Once Authenticated there shouldm't be any issue.

Children