RADIUS SSO from WAN zone

Hi there,

I'm trying to get RADIUS SSO working within our organisation for wifi users to be authenticated on the internal and external firewalls. For the external firewall, this is quite straightforward, as the RADIUS accounting packets are generated on the LAN side. However, for the internal firewall at each site, the RADIUS servers are hosted centrally and thus communicate through the WAN interface. System access won't let me tick RADIUS SSO on the WAN zone - presumably because this is normally Internet facing, but in our context it actually faces our central network and there is another firewall before hitting the Internet.

I've tried configuring a new LAN based zone instead of using the WAN, but then the firewall's own traffic does not get routed anywhere without creating a static route, but then I can't have a failover cellular connection.

I'm really hoping to get a solution that can work for us - it will allow me to deploy Sophos devices to each of our 31 sites.

Thanks,

Phil



This thread was automatically locked due to age.
  • Hi Ian,

    I didn't really explain it very well. Here's a simplified diagram that shows the basic operation - to keep it simple I've omitted the VLANs and switching at each school (the purpose for the routing firewall). Each school connects back to the datacentre (where the servers live) via a private network before hitting the Internet.
