This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Authentication Agent

Hi,

we are currently migrating from Microsoft TMGs to UTM.
With TMG we are using the TMG Firewall Client to setup user based
authentication.

With UTM we need to setup Firewallrules with user/groups based authentication,too.
Is there any possibility to do this with sophos authentication agent "SAA",
when the default gateway for the clients is NOT the UTM?
Our Clients are in a othter VLAN then the UTM is.

thanks and best regards
Stephan

This thread was automatically locked due to age.

Parents

0 stephan_lache over 10 years ago

Hi Bob,

thanks for your reply.
Meanwhile i have some more experience with UTM.
But i am still not sure about the function of the SAA.

Is it right that the UTM needs to be the direct Gateway for the Client where the SSA runs?
This would be a problem in a vlan environment(L3 Switch) where the UTM is not in the
same vlan´s as the clients are.
For example Client (IP: 10.1.4.x, GW:10.1.4.1) ;UTM LAN Interface: 10.1.0.1

thanks and cheers
Stephan
Cancel
Vote Up 0 Vote Down

Cancel
0 vilic over 10 years ago in reply to stephan_lache

Is it right that the UTM needs to be the direct Gateway for the Client where the SSA runs?

I don't think so, did you tested it?
You will have to allow TCP port 9980 between client VLAN's and UTM. Workaround would be to set static route 1.2.3.4/32 on L3 switch to point to the UTM internal address.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 vilic over 10 years ago in reply to stephan_lache

Is it right that the UTM needs to be the direct Gateway for the Client where the SSA runs?

I don't think so, did you tested it?
You will have to allow TCP port 9980 between client VLAN's and UTM. Workaround would be to set static route 1.2.3.4/32 on L3 switch to point to the UTM internal address.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data