Running an ASG320 with Full Guard. Using Proxy Profile Standard Mode with AD SSO. We will randomly get company wide authentication popups and the only consistent way I've found to resolve this issue is rebooting the UTM. Everything will be working fine for a week or more, then all of the sudden everyone gets an authentication popup, nobody can authenticate and we are without internet access until the UTM reboots. This has been happening for close to a year, I've opened multiple cases with Sophos and they've never given me an answer. We've confirmed that our DCs are pingable when this happens, the wpad URL is pingable, and external hosts are pingable. If you look at the Web Filter log it shows the traffic, but no user is assigned so all traffic hits the default block.
In the past I've had luck restoring access by Flushing the Authentication Cache, or disabling and enabling the Proxy Profile. These past couple times nothing I've tried restored service except for a UTM reboot. Sophos Support has been 100% useless in resolving this issue. Their last suggestion was calling them next time this happens. The problem is when I call I sit on hold for 45 mins. I'm not willing and it isn't acceptable to expect our company to be without internet access for an hour or more while I have some Tier 1 tech look around at my config.
If you have any suggestions as to what logs I can look into or settings I can check, I would GREATLY appreciate it. Thanks in advance!
*It may be helpful to know we're running software version 9.106-17
This thread was automatically locked due to age.
