This discussion has been locked.

Traffic processing when user information may be outdated

Hello! Could you please explain what's the default traffic policy when new authentication agent/AD DC info is unavailable for some reason?

Do the user-based rules get automatically turned off or something?

Does the traffic which gets under user-based firewall rules get passed or dropped?



  • Hi Milosh,

    That depends on the Web Protection configuration on UTM. If the AD/DC is unavailable, which means the user is not authenticated, in such instances the user traffic will be dropped if the "block access on authentication failure" option is selected.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support

  • Hi, Milosh, and welcome to the UTM Community!

    You are correct that User/Group-based rules can't work if Authentication fails.  I would create another Policy at the bottom of the list of Policies for situations like this.  Just leave 'Users/Groups' empty in the Policy.  You might want to create a new Filter Action for the new Policy.  Of course, you'll want to follow Sachin's recommendation, too.

    Cheers - Bob

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA