Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 1060 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IP Addresses in Web Report

eballweg
I have ASG joined to the domain with the web proxy set to Active Directory SSO.  I have prefetched all domain members.  I still get mostly IP addresses, instead of usernames in the Web Security and Executive Reports.  Would setting the web proxy to Standard Mode help or am I missing something else?


This thread was automatically locked due to age.
Parents
  • 0
    I may have fixed my problem.  I added the groups for those users to the HTTP Proxy.  Why were they allowed trough the proxy in the first place?  Were they using the transparent proxy instead?
  • 0 in reply to eballweg
    In the transparent mode, the HTTP Proxy captures all port 80 traffic.  In the Standard mode, each client must be set to work with the HTTP Proxy.  I don't think that would make a difference in whether usernames appear instead of IPs.

    Do I understand correctly that you got the usernames to appear by creating a Proxy Profile?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    No, I got them to appear by adding them as users to the proxy.  

    Web Security -> HTTP -> Global

    Below the Operation Mode drop-down list

    I had already created proxy profiles, which I guess were not being used.
  • 0 in reply to eballweg
    Right, you said you were running in AD SSO mode.

    So, you didn't have names when you specified the group, but you did when you spec'd the individual names?

    If that's the case, you have identified a bug, I think.

    Cheers - Bob
    PS Here's what the manual has to say:
    Note that when you select an operation mode that requires user authentication, you should also select the users and groups that shall be allowed to use the HTTP proxy. However, if no users or groups are selected, every user who has successfully authenticated against the directory service can use the HTTP proxy.
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0 in reply to eballweg
    Right, you said you were running in AD SSO mode.

    So, you didn't have names when you specified the group, but you did when you spec'd the individual names?

    If that's the case, you have identified a bug, I think.

    Cheers - Bob
    PS Here's what the manual has to say:
    Note that when you select an operation mode that requires user authentication, you should also select the users and groups that shall be allowed to use the HTTP proxy. However, if no users or groups are selected, every user who has successfully authenticated against the directory service can use the HTTP proxy.
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • 0 in reply to BAlfson
    I had one group in the list.  When I added the groups containing the other users, it identified them with their usernames (instead of IP addresses).  The manual makes it sound as if it will reject users not on the list.  In actuality, it will allow unlisted users onto the transparent proxy and record their IP addresses