Authenticating AD Users and Match known Users

Hello,

We want Active directory users to get access to the internet through XG 230 Firewall running the latest Firmware.

Current Setup:

  • Using STAS on Windows Server
  • All users were migrated from AD to Sophos
  • Firewall rule created (attached to this thread)
  • In the rule I had to add the IP address of the computer in Source Networks and Devices so that this IP gets an internet connection
  • Connection works fine on the laptop with this IP for any user. Now I add the migrated username XXX@mydomain.local under Match known users and select it; shouldn't only the user xxx receive an internet connection on this IP? But this is not happening, as the connection stops completely on the laptop when the user is selected under Match known users.
  • What is the best practice in order to authenticate AD users and give them access to the internet, please?
  • Should I add the IP in the firewall rule or not? Because if I remove it, the user doesn't get an internet connection although listed under Match known users.
  • Another question please: when creating a new firewall rule, followed by a NAT rule, I'm unable to see the new rule under Routing\SD-WAN Policy. In this case, how can I set the gateway that this rule will follow? (We have two gateways in our setup.)

Thank you in advance for your assistance.



This thread was automatically locked due to age.
  • Hi,

    You set up a NAT rule, then apply it using the SD-WAN policy to direct the traffic to the desired gateway. There is a KBA on the subject. You do not need a NAT rule for each firewall rule; you can use a generic NAT rule unless you are setting up hairpins for server access.

    You could investigate linked NAT rules as well.

    ian

  • Hi,

    Thank you for the reply.

    Are you suggesting that the NAT rule is causing the issue and not allowing the users under Match known users to connect?
