
HOST IP

Hello,

I need help! I just got a new Sophos firewall, but now my users have to log in to the portal before they can access my external hosts (Active Directory and Exchange servers), which shouldn't be like that. And if I release the #LAN2WAN traffic rule not to use identity, it goes perfectly well, but all users will have internet access without logging in to the captive portal.

What do I do?

The host IP has been added to the HOST.



  • I am not sure I understood, but I will try to give you tips. If you want to publish internal servers to the internet, you have to create a DNAT rule. So for a person on the internet who wants to see an Exchange server that is located in your LAN, you need a rule in the Sophos to route the WAN request to the server.

    Now, if the issue is local computers in a LAN that need to see the internet, and you do not want their web use to be based on user name, make sure your #Default_Network_Policy "Identity: Match known users" is not ticked.

  • Are you trying to force them to have to log in? Or merely attempting to see which users are doing what in the logs? I am confused as to the overall goal of what you want. Can you give a brief explanation of what you are trying to achieve, since there is flexibility in this?

    For example, I have AD sync'd with my XG but do not have "use identity" checked, and on my logs/dashboard I can see what users are doing.

  • I have two external servers on my network, that is, the AD and Exchange servers. All systems should be able to ping these two servers for the Outlook application to work perfectly, but as it is, unless the user logs in to the captive portal, the application won't work.

    So now my aim here is for this application to work even without logging in to the captive portal.

  • 2 external servers on your network?

    The AD and Exchange are not on the local LAN, or do you want to say that you "publish" those servers to the WAN?

    I apologize, but I still do not understand the topology you want to implement.