Skip to content

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/nsg/sophos-firewall/22.0/Help/en-us/webhelp/onlinehelp/index.html?contextId=CLI-system-auth

auth

You can set authentication parameters for STAS (CTA), thin client, and maximum live user settings.

Command

system auth

Syntax

system auth
cta [collector] [add|delete] [collector-ip <IP address>] [disable|enable|show] [unauth-traffic] [drop-period {<1-120>|default}] [vpnzonenetwork] [add|delete] [source-network <IP address>] [netmask <subnet mask>]
max-live-users [show|set] <8192-32768>
thin-client [add|delete|show] [citrix-ip] <IP address>

Options

cta [collector] [add|delete] [collector-ip] <IP address>

Add or delete an STAS collector.

cta [disable|enable|show]

Turn STAS on or off. You can also show its current status.

cta [unauth-traffic] [drop-period] {<1-120>|default}

Change the learning mode duration. See Unauthenticated traffic.

cta [vpnzonenetwork] [add|delete] [source-network] <IP address> [netmask] <Subnet mask>

Add or delete a VPN network to STAS authentication. See Configure the head office Sophos Firewall to prompt VPN traffic for authentication.

max-live-users [show|set] <8192-32768>

For max live users, the available values are 8192 to 32768.

Use the show command to see the current values.

thin-client [add|delete|show] [citrix-ip] <IP address>

Thin client is used for authentication within a Citrix environment. See Sophos Authentication for Thin Client (SATC).