Active Directory Authentication with XG failing.

I have two Sophos XGs, both XG 230s, and one Active Directory server. I have tried to integrate both XGs with the AD server using exactly the same parameters. On one XG the integration is successful, but the other refuses. It throws an error: "Test connection failed as server is down or unreachable." The AD server and the XG that is failing are in two different physical locations, and there is a site-to-site VPN between the locations. The two subnets can communicate very well, as I am actually logged into the AD server, which is at the other side of the tunnel. Please let me know if there is something that I am missing or something that I should look at. I have turned off Windows Defender on the server. I am pretty sure there isn't any problem with the AD server because my second XG is connecting to it well.
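The first thing a practitioner wants to separate here is "the path silently drops the packets" from "the host answers but nothing listens on the port". The probe below does that with a plain TCP connect to the AD server's LDAP ports and classifies the outcome by how the connection attempt fails. It is an added example, not code from the thread or from Sophos; the target addresses are constructed TEST-NET placeholders. Note that running it from a workstation on the branch LAN exercises a different source address than the XG's own test, which originates from the appliance, so a successful probe from a workstation does not by itself prove the appliance's path.

```python
import errno
import socket
from typing import Dict, List, Tuple

# Constructed placeholder targets (TEST-NET-1 addresses, not from the original post);
# replace with the real AD server IP as seen from the branch side of the tunnel.
TARGETS: List[Tuple[str, int]] = [
    ("192.0.2.10", 389),  # LDAP, the port the thread mentions
    ("192.0.2.10", 636),  # LDAPS, in case the server definition uses TLS
]


def probe_tcp(host: str, port: int, timeout: float = 3.0) -> str:
    """Classify reachability of host:port with a plain TCP connect.

    "open"        - handshake completed: the path works and something listens
    "refused"     - RST came back: the host is up, nothing listens on that port
    "timeout"     - silence: typical of a firewall or VPN policy dropping packets
    "unreachable" - the local stack has no route or received ICMP unreachable
    "error:<n>"   - any other OS error number (e.g. name resolution failure)
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "refused"
    except socket.timeout:
        return "timeout"
    except OSError as e:
        if e.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"
        return f"error:{e.errno}"
    finally:
        s.close()


def probe_all(targets: List[Tuple[str, int]],
              timeout: float = 3.0) -> Dict[Tuple[str, int], str]:
    """Probe every (host, port) pair and return the classification for each."""
    return {(h, p): probe_tcp(h, p, timeout) for h, p in targets}


if __name__ == "__main__":
    for (host, port), status in probe_all(TARGETS).items():
        print(f"{host}:{port} -> {status}")
```

A "timeout" on 389 from the branch side while the same probe succeeds from the head-office LAN points at the tunnel or firewall policy rather than at the AD server; a "refused" means the packets arrive and the question moves to the server's listening ports.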



This thread was automatically locked due to age.
  • Hello, and thank you for your responses, which are somewhat similar. I have added an IPsec route at the Branch Office and applied a Source NAT policy. I have reviewed the logs in the XG at the Head Office and noticed that the XG actually processes the traffic but drops it as IP spoofing. Why would the XG treat the AD connection traffic coming through an IPsec tunnel as IP spoofing? The source address is the LAN IP of the XG at the branch office and the destination is the IP of the AD server on port 389. I have attached a picture of my topology.

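The usual mechanism behind an "IP spoofing" drop on a firewall is a reverse-path check: the packet's source address is looked up in the routing table, and if the interface that would be used to reach that source is not the interface the packet arrived on, the packet is treated as spoofed. The model below illustrates that with the thread's scenario, a packet sourced from the branch XG's LAN address arriving over the tunnel at the head-office firewall, once without and once with a route for the branch LAN pointing at the tunnel. This is an added example, not code from the thread or from Sophos; whether XG's spoof prevention is implemented exactly this way is not established by the thread, and the addresses, prefixes and interface names are constructed placeholders.

```python
import ipaddress
from typing import List, Optional, Tuple

Route = Tuple[str, str]  # (prefix, egress interface)

# Constructed head-office routing table (placeholder addresses, not from the thread).
HO_ROUTES_WITHOUT_BRANCH: List[Route] = [
    ("10.0.0.0/24", "Port1"),   # head-office LAN, where the AD server lives
    ("0.0.0.0/0", "Port2"),     # default route towards the internet
]
# Same table plus a route telling the firewall the branch LAN lives behind the tunnel.
HO_ROUTES_WITH_BRANCH: List[Route] = HO_ROUTES_WITHOUT_BRANCH + [
    ("10.1.0.0/24", "ipsec0"),  # branch LAN reachable through the IPsec tunnel
]

BRANCH_XG_LAN_IP = "10.1.0.1"   # constructed stand-in for the branch XG's LAN address
AD_SERVER_IP = "10.0.0.10"      # constructed stand-in for the AD server


def lookup(routes: List[Route], ip: str) -> Optional[str]:
    """Longest-prefix match: return the egress interface for ip, or None."""
    addr = ipaddress.ip_address(ip)
    best_iface, best_len = None, -1
    for prefix, iface in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and net.prefixlen > best_len:
            best_iface, best_len = iface, net.prefixlen
    return best_iface


def strict_rpf(routes: List[Route], ingress_iface: str, src_ip: str) -> Tuple[bool, str]:
    """Strict reverse-path check.

    Passes only if the interface the firewall would use to reach src_ip is the
    interface the packet actually arrived on.
    """
    expected = lookup(routes, src_ip)
    if expected is None:
        return False, f"no route back to {src_ip}"
    if expected != ingress_iface:
        return False, f"{src_ip} arrived on {ingress_iface} but is routed via {expected}"
    return True, "ok"


def classify(routes: List[Route], ingress_iface: str, src_ip: str,
             dst_ip: str, dst_port: int) -> str:
    """Verdict for one packet: forward it, or drop it as spoofed with the reason."""
    ok, why = strict_rpf(routes, ingress_iface, src_ip)
    flow = f"{src_ip} -> {dst_ip}:{dst_port} on {ingress_iface}"
    return f"forward {flow}" if ok else f"drop(spoof) {flow}: {why}"


if __name__ == "__main__":
    for label, table in (("without branch route", HO_ROUTES_WITHOUT_BRANCH),
                         ("with branch route", HO_ROUTES_WITH_BRANCH)):
        print(label + ":", classify(table, "ipsec0", BRANCH_XG_LAN_IP, AD_SERVER_IP, 389))
```

Without the branch route the source address only matches the default route, so the reverse path points at the WAN interface rather than the tunnel and the packet fails the check; with the route in place the same packet passes. The same check also rejects a packet carrying the branch address that arrives on the WAN interface, which is the case anti-spoofing is actually meant to catch.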
