Thread Info
  • State Verified Answer
  • +7 person also asked this people also asked this
  • Locked Locked
  • Replies 30 replies
  • Subscribers 43 subscribers
  • Views 19393 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Captcha on WAN - User portal

GonFreecs

Hi,

 

After the update on kb 135412, sophos forcefully enable captcha on WAN for user portal. Is there a way to disable this?

 

TIA



This thread was automatically locked due to age.
  • 0 in reply to alda

    Well, Edge or IExplorer  same *** different name ^^

  • 0 in reply to Chris Lindsay

    Cmon dude. I know that its nice to be oldschool  but whos using explorer  these days :D

  • 0 in reply to Regex

    Cant control what the users are using!

     

    Edge seems fine but IE is throwing a javascript error therefor captcha cycle and login buttons not working.

  • 0 in reply to Regex

    I use Chrome and Firefox, both doesn't show the image.

    End out, it is caused by vpn connection.

  • 0 in reply to Max Seng

    Hi Max,

    Try to clear the Firefox / Chrome cache (history).
    It should work if you don't try another browser, e.g. Vivaldi.

    Regards
    Jan

  • 0 in reply to JanSadlik

    Jan,

     

    Yes I did, and I found out it not caused by browser.

    I can't view the image via VPN connection, thats the cause.

    I need to figure out where does the images hosted.

  • 0

    Although on KB135412 they wrote

    As an additional security measure, a captcha has been added to the XG Firewall admin and user portal on the WAN zone, for devices running SFOS v17.5 and later.

    i'm getting the captcha on the VPN zone as well, therefore i have to enter it on every firewall we manage over VPN. This s**t drives me nuts! Sophos, DO SOMETHING!

  • 0

    Hi,
    I have already opened a ticket to the captcha at Sophos. We also have problems because the capcha must also be used in the VPN. The monitoring of the firewalls is not able to connect to the web interface and query the status there.

    The response from support was unfortunately not very pleasant.

    "Your time is valuable to us. Request you to please provide me with the following information, so that we can provide you the solution at the earliest.

    The Captcha you are getting is not removable.
    As of now there is no work around as this is only for your betterment of authentication.
    Please let us know if we have answered your queries properly and can able to close the case. "

    Why it should also be necessary to enter a captcha via VPN is not clear to me either. Users who access the web interface via VPN are usually trusted.

     

    Edit:
    Sophos RED Connection seems to be allowed without Captcha. 

  • 0 in reply to LKramer

    This is not acceptable at all! It even contradicts what they wrote themselves on the knowledgebase, claiming the captcha will only be displayed on the WAN zone, while it's clearly not. As you already pointed out, it's completely senseless to display a captcha to VPN users that are commonly trusted anyway.

  • 0

    I've 3 XG in my company, with the following versions v17.5.8/ v17.5.9/ v17.5.10.
    I only can see the captcha in the version v17.5.9, in the other versions i only see the captcha spot.
    Despite of this fact, i've another issue that i cannot tell for sure if it's related that users in v17.5.8 / v17.5.10 cannot connect to SSL VPN.

    I love Sophos and i'm Sophos Fan, but for god sake, do some QA to the releases :(