SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. VPN: Restrict Roadwarrior VPN Connections by Source

    To ensure that even service engineers or any other users will be able to connect to company's network only from restricted IP/network.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  2. RED: Combined Red and Access Point

    Have the RED device come with a built in wifi access point similiar to the new offering from Meraki (MR12/16/24).

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  3. VPN: Bind Rules to Tunnel

    It would be great if I could bind Firewall rules/ Network definitions to IPsec Tunnels.

    Now if i have a Rule like:
    Client_Network -> Web Browsing -> Internet IPv4 -> Allow

    This means that clients can browse through the VPN tunnel as well, beause the Tunnel is bound to the EXT Interface too.
    Now, I can make the necessary deny Rule and place it before the allow Rule, but this is cumbersome and not ideal.
    The simplest way would be that VPN Tunnels are handled as separate physical interfaces and can be bound as such..

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  4. 2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  5. Reporting: Display VPN traffic usage of past 24 hours

    The VPN traffic should be counted for 24 and not only after a logout of the user.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  6. path to route.exe on customized windows installation

    At SSL-VPN client, the route.exe file is static pointed on c:\windows\system32 path. Somes customized installations refers to c:\winnt\system32. In this case the VPN will not work. Solution: mkdir \windows\system32 and put a copy of route.exe there. Suggetion: the SSL-VPN client should use the path - systemvar. %path% or %windir%.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  7. Announce VPN Pool Networks (for Remote Access) via OSPF

    When enabling one or many of the remote access protocols, like IPSEC, SSL, PPTP, etc, the used network address pool should be announced as an OSPF route, so that the remote client can access all internal devices.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  8. Proxy ARP on SSL Tunnel-Interface

    Allow to enable proxy ARP on tun0 SSL-tunnelinterface so you can use IP addresses from the LAN for SSL remote access VPN-Clients. I have tested that this works by 'echo "1" > /proc/sys/net/ipv4/conf/tun0/proxy_arp' on the command shell.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  9. VPN: Set MTU for L2TP VPN

    today it is only possible to do this by manually changing mtu/mru in /var/chroot-ipsec/etc/ppp/options, and that file is overwritten by (some) firmware updates.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  10. Remote Access: Add Second Hostname to SSL-Config

    To realize a VPN-fallback it is possible to add multiple Hostnames or IPs in the .opvn file of the SSL-config. It would be much easier to add this entries via the WebAdmin surface.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  11. VPN: SSL VPN for Windows Mobile

    What about an ssl vpn client for windows mobile?

    46 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    12 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  12. Pushing Routes to SSL Clients with custom Metric

    It would be helpful to define which routes are pushed to the SSL clients AND define the desired Metric to the route. I's needed when clients open the tunnel in the internal network and you don't want the traffic to go through the tunnel instead of the local NIC.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  13. 10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  14. SSL VPN: Client Installation Options

    It would be nice if you could pass options to the SSL VPN Client installer, such as
    auth-nocache etc....

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  15. VPN: Client Access from Defined Systems

    An option to manage that only defined systems can use the VPN-Client and the conf-files for connect.
    It is more than easy to copy the conf-files from a XP to an linux-system and using open-vpn in a shell.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  16. VPN: IOS XAuth Password

    Currently the configuration available via the UserPortal automated setup has no way to include a password for the user, which they must then specify every time they connect. Including the password would allow one-touch VPN connecting!

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  17. VPN: Officially Integrate Tunnelblick Mac SSL VPN

    While the SSL VPN in ASG works great using the Tunnelblick client on MAC, it would be nice to have it officially integrated.

    Granted it's not hard to download the configuration and use it with Tunneblick, but having it all available right from UserPortal just like the Windows SSL VPN Client would make it even better.

    22 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  18. VPN: Active Directory / LDAP authentication for L2TP, IPsec & Cisco Client

    Presently, the only Remote Access available to backend groups (except RADIUS) is for the SSL VPN.

    39 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    11 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  19. VPN: Time-Based Tunnel Rules

    Open or closed a remote access or site-to-site tunnel via time rules. In banking sector you need this feature.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  20. VPN: Backend Authentication Support for PPTP

    Currently astaro support only RADIUS and LOCAL authentication in PPTP VPN.

    Since Astaro is using the open source PPTP which is PoPToP, authenticating on AD, LDAP, and others is possible. Would be great to have this added.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.