Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 15 replies
  • Answers 1 answer
  • Subscribers 30 subscribers
  • Views 23965 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

violation reason: USER_IDENTITY issue

Jim Sem

Hello,

 

Sometimes sophos drops all packages to a random user (not everyone) for 1-2 minutes and after 1 minute it stop dropping, internet start working fine. I checked the diagnostics-packet capture while sophos dropping my packages and i noticed that status "violation" and reason "USER_IDENTITY". Can you please help me in this case?

 

Thanks in advance,



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Jim Sem

    Hi Jim,

    I am a bit confused why do you need to allow unauthenticated traffic after deploying STAS with AD! Is there a specific requirement that we are unknown about. Suggestion by Luk is specific when strict authentication is not enabled with STAS and the unauthenticated traffic should be allowed after specific seconds as configured through the command line. You cannot completely disable this drop time or else there will be no use for the authentication mechanism.

    Thanks

  • 0 in reply to sachingurung

    Hi ,

    I can tell you that over a RED tunnel, STAS does not work perfectly. I had to disable it to allow our RED clients. Support could not figure it out so we gave up on using it until it improves. I too wish if the firewall cannot identify the user that it passes the traffic anyway. I had 2 firewall rules to allow this to happen. One that was user based and one that was not. Even a 40 second delay is a long time for users to sit with no internet until the firewall decides to let it pass.

    Mike

  • 0 in reply to MichaelBolton

    Now im getting INVALID_TRAFFIC violation message. What is this mean?