We are evaluating Sophos XG Firewall (VM). SFOS 17.1.2 MR2. Following Sophos official guide, We installed Sophos Transparent Authentication Suite (STAS) on domain controller, afterwards imported users/groups in Sophos XG. In AD , we have group like 'internet allow group' with test user. XG is allowing internet based on this group.
All working OK, BUT when I remove this test user from this group in AD, the test user can still access internet on his test computer. I waited for about half n hour but still client can access internet. the only way to block his access is to disconnect his Session from CURRENT ACTIVITIES > LIVE USERS > select Username and DISCONNECT.
And when I again add him in Allowed Internet Users group in AD, he does not gets access, and I have to first disconnect his session.
why sophos not implementing ON THE FLY changing ? I guess I am missing some information. Kindly advise
I thought I can manage users internet access simply it via active directory groups only.
Currently we are using MS forefront TMG 2010 in which we simply add / remove users in active directory group 'allowed internet group' and TMG picks the users groups pretty quick.
so in order to block/allow user, I have to update things in Sophos too?
This thread was automatically locked due to age.
