This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

One-Way Trust VPN Login

I have the client portal VPN page setup. I have a one-way trust between Domain A and Domain B. I have configured Domain B on Sophos and can login to that domain fine. Whenever my end users try to login to the Sophos VPN from Domain A they get denied. I know this works in windows fine as I can login/RDP to machine in Domain B using my Domain A credentials fine. Any assistance on getting this working would be appreciated without having to explicitly open an AD connection from Sophos to Domain A.

Thanks

This thread was automatically locked due to age.

Parents

0 BAlfson over 9 years ago

Hi, jclark, and welcome to the User BB!

I think you haven't gotten a reply yet because you're new with the UTM and don't realize that your statements can be interpreted in more than one way.  At least, I acknowledge that I can't see the "picture" that you're describing.

I have the client portal VPN page setup.

Do you mean that you have one or more HTML5 VPN Portal Connections configured?  Please show a picture of the Edit of each (click on [Go Advanced] below to attach pics and files).

I have a one-way trust between Domain A and Domain B.

Does A trust B or does B trust A?

I have configured Domain B on Sophos and can login to that domain fine.

Do you mean that you have configured an AD server definition on the 'Servers' tab of 'Authentication Services'?  What do you mean by "login to that domain" - open an RDP session using an HTML5 VPN Connection or something else?

Whenever my end users try to login to the Sophos VPN from Domain A they get denied.

Do you mean that they can't get to the User Portal or that an HTML5 VPN Connection doesn't authenticate them correctly?

Why not establish a two-way trust between A&B or add an authentication server definition to the UTM for Domain A?

Cheers - Bob
PS If this is about HTML VPN Connections, you should know that that method is very CPU-intensive.  Five simultaneous users might lockup the computer running the UTM.

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 9 years ago

Hi, jclark, and welcome to the User BB!

I think you haven't gotten a reply yet because you're new with the UTM and don't realize that your statements can be interpreted in more than one way.  At least, I acknowledge that I can't see the "picture" that you're describing.

I have the client portal VPN page setup.

Do you mean that you have one or more HTML5 VPN Portal Connections configured?  Please show a picture of the Edit of each (click on [Go Advanced] below to attach pics and files).

I have a one-way trust between Domain A and Domain B.

Does A trust B or does B trust A?

I have configured Domain B on Sophos and can login to that domain fine.

Do you mean that you have configured an AD server definition on the 'Servers' tab of 'Authentication Services'?  What do you mean by "login to that domain" - open an RDP session using an HTML5 VPN Connection or something else?

Whenever my end users try to login to the Sophos VPN from Domain A they get denied.

Do you mean that they can't get to the User Portal or that an HTML5 VPN Connection doesn't authenticate them correctly?

Why not establish a two-way trust between A&B or add an authentication server definition to the UTM for Domain A?

Cheers - Bob
PS If this is about HTML VPN Connections, you should know that that method is very CPU-intensive.  Five simultaneous users might lockup the computer running the UTM.

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data