Sophos XG Firewall VPN configuration for the LastPass Universal Proxy LDAP protocol
This is a step-by-step description of how to configure Sophos XG Firewall VPN for LastPass Universal Proxy using the LDAP protocol, in order to set LastPass MFA as a secondary authentication method. The following steps contain the Universal Proxy related settings.
About this task:
Note: As Sophos XG Firewall handles the incoming authentication requests in a single thread, one client can log in at a time. Therefore, increased waiting time can be expected.
Configure the LDAP server:
- Log in to the Admin Console, go to and click Add.
- In the Server type field, select LDAP server.
- Set the following fields:
- Server name
- The name of the server.
- Server IP/domain
- The IP address of Universal Proxy.
- Bind DN
- The admin user name configured for LDAP authentication in the following format: CN=Administrator,CN=Users
- The LDAP admin user password.
- Connection security
- Base DN
- The Base DN under which the users are located, in the following format: DC=domain,DC=country_code.
- Authentication attribute
- Email address attribute
- Group name attribute
- Alias for the configured group name which is displayed to the user.
- Expiry date attribute
- Click Save.
Set your server as the primary authentication method:
- Go to .
- In the applicable authentication methods set the following:
- In the Authentication Server List, select the server you configured.
- Move the server to the first position in the Selected Authentication Server list.
- Click Apply.
Results: The Sophos XG Firewall VPN has been configured.