Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 26 subscribers
  • Views 481 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XGS Filtering (Unauthenticated vs User Groups / Login Portal)

Greg Conway

I've a setup where we need machines to have a certain amount of access to the web while not authenticated/before login. (for deployments, remote tools, Azure AD login attempts) but we also need for the machine to use the web authentication if they try to leave these areas - not just block access

--This is basically to allow Azure AD login as they're not authenticated at that point but to then force them to authenticate with Sophos once in.

Is this something that can be achieved?

If there's a clever way to have people authenticate automatically using their Azure AD credentials, that's also an option for at least part of this.
(We have ADDS set up and linked to the firewall for the web auth + Intercept X Adv if either help)



This thread was automatically locked due to age.
Parents
  • 0

    Apparently, I've been looking at filtering issues for too long and missed the 'connect to network' button on the block message!
    As I've had to move to plain HTTP for the login page due to Chrome's 'you need to sign in to this network' page being odd with web authentication, it still gives a middle step warning regarding being 'not secure' so isn't perfect.

    I would still like a more active pop up if still possible similar to when I only had authenticated rules in place if at all possible - that or an SSO option if anyone has ideas?
    --I can get the machines to just open the web auth page as part of a login script, but was looking for more elegant answers :)

Reply
  • 0

    Apparently, I've been looking at filtering issues for too long and missed the 'connect to network' button on the block message!
    As I've had to move to plain HTTP for the login page due to Chrome's 'you need to sign in to this network' page being odd with web authentication, it still gives a middle step warning regarding being 'not secure' so isn't perfect.

    I would still like a more active pop up if still possible similar to when I only had authenticated rules in place if at all possible - that or an SSO option if anyone has ideas?
    --I can get the machines to just open the web auth page as part of a login script, but was looking for more elegant answers :)

Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?