failure (see the next step), users can gain entry to the network through a guest link on the
portal page.
— Enforce a timeout: Specify the number of hours and minutes for which the users will
remain authenticated. The default is 1 hour, after which the session times out. Users
must then re-authenticate.
2. Select an authentication failure result.
On authentication failure
■ Block access: Do not permit unauthenticated access. If single sign on fails or it is turned
off, a web browser pop-up is displayed, prompting for credentials.
■ Allow access: If single sign on fails, allow access using IP-based policy rules. If the Captive
Portal feature is turned on, the login page contains a link to gain access as a guest user.
3. Click Apply, or click the Profiles tab to create exceptions to these general authentication
settings. For instructions on creating a profile, see “Configuring an Authentication Profile.”
Related concepts
Network Deployment on page 23
Related tasks
Configuring Active Directory Access on page 124
Configuring an Authentication Profile on page 135
Configuring Active Directory to support Kerberos for Mac OS X on page 134
4.4.7.2.1 Configuring Active Directory to support Kerberos for Mac OS X
If you want to support single sign on for Mac OS X clients, you must configure your Active Directory
server to use Kerberos. Before selecting the Perform SSO for Mac check box on the System:
Authentication page, complete the steps below.
1. Log in to your Active Directory domain controller.
2. Run the following commands, providing the Active Directory username in both.
Note: The "AD Username set on the appliance" must match the username set on the System:
Active Directory page.
Be sure to provide the appliance’s fully qualified domain name for the first command, and the
appliance’s hostname for the second command.
setspn -a HTTP/<MyAppliance.example.com> <AD username set on the appliance>
setspn -a HTTP/<MyAppliance> <AD username set on the appliance>
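The following PowerShell script is an added example, not part of the Sophos documentation. It wraps the two setspn commands above and first checks whether either SPN is already registered to a different account, because a duplicate SPN causes Kerberos ticket requests for that service to fail. The FQDN is the placeholder from the commands above, and the account name swa-svc and the Get-SpnOwner helper are hypothetical.

```powershell
# Assumed placeholder values: replace with the appliance's FQDN and the
# AD username set on the System: Active Directory page.
$ApplianceFqdn = 'MyAppliance.example.com'
$AdUsername    = 'swa-svc'   # hypothetical account name

function Get-SpnOwner {
    param([string]$Spn)
    # LDAP search of the current domain for accounts that already hold this SPN.
    $searcher = [adsisearcher]"(servicePrincipalName=$Spn)"
    $searcher.PropertiesToLoad.Add('samaccountname') | Out-Null
    $searcher.FindAll() | ForEach-Object {
        [string]$_.Properties['samaccountname'][0]
    }
}

# First SPN uses the fully qualified domain name, second uses the hostname.
$hostname = $ApplianceFqdn.Split('.')[0]
$spns     = "HTTP/$ApplianceFqdn", "HTTP/$hostname"

foreach ($spn in $spns) {
    $owners = @(Get-SpnOwner -Spn $spn)
    $others = @($owners | Where-Object { $_ -ne $AdUsername })

    if ($others.Count -gt 0) {
        # Registering the same SPN on a second account would break Kerberos for it.
        Write-Warning "$spn is already registered to: $($others -join ', '). Resolve this before continuing."
        continue
    }
    if ($owners -contains $AdUsername) {
        Write-Output "$spn is already registered to $AdUsername; nothing to do."
        continue
    }

    setspn -a $spn $AdUsername
    if ($LASTEXITCODE -ne 0) {
        Write-Warning "setspn failed for $spn (exit code $LASTEXITCODE)."
    }
}

# List the SPNs now held by the account to confirm both entries are present.
setspn -L $AdUsername
```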
Related concepts
Authentication on page 131
About Authentication on page 132
Related tasks
Configuring Active Directory Access on page 124
Configuring Authentication on page 133
Configuring an Authentication Profile on page 135
134 | Configuration | Sophos Web Appliance