Hi All,
I will consider the problem with authentication mechanism using STAS. we are running Sophos XG Firewall in Proxy Mode.
The problem scenario is:
I am using internet with my authentication which is perfectly fine. lets say, I want to access another windows computer's hard drive but I have no rights on that system. other computer will prompt me for network authentication , and I gave it some authentication which has rights onto that computer e.g. domain admin's account.
now when I will resume my internet browsing. the appliance rejects my request because it says my user is "domain admin's account" and it is blocked because domain admin's account have no internet rights.
there is another problem I can relate to this is: when I take RDP of a computer, specially of a server or terminal server with my credentials. web browsing seems to work fine. but after some time idle, web browser shows block request with the user which is physically logged onto that particular server.
in case of a terminal server, the block request page shows random username of all other users which have no internet browsing rights in Sophos XG.
something is fishy in this whole scenario , and root cause might be a single one. but I cant seems to find it.
kindly suggest any solution if this scenario is familiar.
Regards,
Faheem Sarwar
This thread was automatically locked due to age.
