product icon

Sophos XG Firewall VPN configuration for the LastPass Universal Proxy LDAP protocol

    This is a step-by-step description of how to configure Sophos XG Firewall VPN for LastPass Universal Proxy using the LDAP protocol, in order to set LastPass MFA as a secondary authentication method. The following steps contain the Universal Proxy related settings.

    About this task:
    Note: As Sophos XG Firewall handles the incoming authentication requests in a single thread, one client can log in at a time. Therefore, increased waiting time can be expected.

      Configure the LDAP server:

      1. Log in to the Admin Console, go to Configure > Authentication > Servers and click Add.
      2. In the Server type field, select LDAP server.
      3. Set the following fields:
        Server name
        The name of the server.
        Server IP/domain
        The IP address of Universal Proxy.
        Bind DN
        The admin user name configured for LDAP authentication in the following format: CN=Administrator,CN=Users
        The LDAP admin user password.
        Connection security
        Base DN
        The Base DN under which the users are located, in the following format: DC=domain,DC=country_code.
        Authentication attribute
        Email address attribute
        Group name attribute
        Alias for the configured group name which is displayed to the user.
        Expiry date attribute
      4. Click Save.

      Set your server as the primary authentication method:

      1. Go to Authentication > Services.
      2. In the applicable authentication methods set the following:
        1. In the Authentication Server List, select the server you configured.
        2. Move the server to the first position in the Selected Authentication Server list.
      3. Click Apply.
    Results: The Sophos XG Firewall VPN has been configured.