Hello,
After implementing STAS in my environment, I've got an issue I don't understand why it's happening.
It's an environment of 3 domains: one top-level domain (eg domain.local), and two sub-domains (sub1.domain.local and sub2.domain.local, hypothetically). Each of these domains have 3 domain controllers, so nine in total. In each domain, 1 domain controller is configured as STAS Collector + Agent, the other two as just Agents. The Agents (and collectors) are configured to send their information to ALL other collectors. All three collectors are configured in Sophos in the same collector group, with their connectivity successfully tested in the STAS suite.
After logging with a user on a workstation, this user immediately appears in the Live Users list in the XG appliance. As long as he stays in this list, the users gets access to the internet through my configured firewall rules with Web Policy etc.. All is well.
The issue is that after some time, this user disappears from the Live Users list. He's still logged in and working on the workstation, but he disappears from the list. All connectivity is gone, as the user-based rule will not match any longer.
So issue#1: Why is the user getting logged out when he's still doing his stuff? STAS Inactivity Timer is set to 540 minutes (A bit longer than a working day), Logoff detection in STAS Suite is set to WMI Workstation Polling, Detection interval 605s, dead entry timeout 0) WMI test is successful:
Issue#2: Based on the following settings, I would expect the captive portal to show up after trying to connect to the internet. It doesn't. (but i can reach it manually at https://ip.of.sophos:8090)
I must be missing something, but can't see what exactly. Did someone experience the same issues?
This thread was automatically locked due to age.
