The Client Authentication Agent (CAA) is a lightweight agent for the sole purpose of authenticating users with the XG Firewall. Here in this article we will describe process to install client authentication agent to authenticate users with sophos XG firewall.
Please login to the firewall and click on authentication
Click on Client downloads
You can click on Download MSI or Download for windows and you need to click on “Download CA for MSI“
You can also download CAA from the user portal as shown below
First log in to the user portal >> Click on Download client and then click on Download for windows
Then create a firewall rule for users for authenticated users as shown below
The above firewall rule indicates whoever the users are accessing internet they must be authenticated with sophos XG firewall.
Then enable the client authentication under Administration >> device access under specific zones as shown below and click apply.
Now we need to install the downloaded application and certificate.
To install the certificate type “certmgr.msc” in the run button in windows
The certmgr window will appear. Click on Action > All Tasks > Import. Follow the wizard and make sure to select the Sophos Client Authentication CA certificate that was downloaded and that it is installed in the Trusted Root Certification Authorities Certificate Store.
Now click on the application and login with the concerned credentials.
Hope this article helps you