Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 12 replies
  • Subscribers 27 subscribers
  • Views 24382 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Can't login with windows user to user portal

Nino Padrutt

Hi

I setup a new XG115 and added the AD Server with test connection was successful. Also I installed STAS but I it seems have to have an issue left since I can't login with my windows users.

My Server has the IP 192.168.109.211

My XG115 192.168.109.111

Here is my configuration

 

 

 

The Service on the AD Server is running with a domain admin.

I imported successfully the user group from the AD to the firewall.

 

Can anyone point me to what I'm doing wrong?



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Nino Padrutt

    Nino,

    check all the required steps:

    https://community.sophos.com/kb/en-us/123156

    https://community.sophos.com/kb/en-us/123155

    https://community.sophos.com/kb/en-us/123158

    STA collector TAB : XG internal IP

    From console:

    system auth cta show
      CTA Status          : enable
      CTA Collector          : enable
      Unauth-Traffic Drop Time: 120 sec
      ============================================================
      Collector IP       : Collector Port       : Collector Group
      ------------------------------------------------------------
        DCIP             : 6677                 :         1
      =========================================
      VPN Source Network : VPN Source Netmask
      -----------------------------------------
           -         :       -
    Regards

    "Playing with gpo is always a big mistake with non Microsoft System Admin."

  • 0 in reply to lferrara

    As far as I can see I have done all the steps.

    Also the output on my XG115 looks identically to yours:

     

  • +1 in reply to Nino Padrutt

    Nino,

    Make sure firewall ports are open on active directory server from XG. Check port 6677 with tcpdump from XG.

    Create a user firewall rule where ad users are added and test if into XG live users the counter increments.

    Regards

  • 0 in reply to Nino Padrutt

    Nino, this means that STAS is not communicating with the XG Firewall. When everything is perfect, the XG IP address will automatically populate over there.

     

    I insist that you try this again. (I know you may have manually type 'domain\administrator', but believe me below step sometimes does the trick) :

     

    open services.msc -> Right Click -> Properties -> Log On -> This Account -> Browse -> Type admin and 'Check Names' select administrator user, re-enter password.

    Restart STAS by clicking on Apply and then Ok. Check if you see Live Users in Live Users List again.

  • 0 in reply to lferrara

    ah dammed, the windows firewall was the issue that no appliance was shown.. Now my XG115 is shown correctly.

    Also I removed the AD Server and added it again. Now that one works aswell. Thanks for your help everyone!