SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. VPN: Spice Protocol for HTML5 VPN

    Please add support for the Spice protocol. It is an Open Source solution for interacting with KVM Virtual Machines, and gives you a rich user experience. It is a kind of Remote Desktop protocol. Also, support for more Remote Desktop types would be cool, like *NX, and XDMCP.

    http://spice-space.org/

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  2. VPN: Use Windows User as Automatic Credentials for HTML5 VPN

    Clientless SSL-VPN automatic login should use the logged in user.
    This is also usefull if the Astaro is setup with SSO, same user name and password in AD.

    12 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  3. VPN: Configurable Lease time for SSL VPN

    It should be possible to change the DHCP lease time for the remote access pools over the webadmin.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  4. RemoteAccess: Static IP for SSL-VPN

    PPTP and IPsec vpn both support static virtual ip addressess assigned. Customers want to have this feature also for SSL-VPN. This way, internal users can access resources that are connected by SSL-VPN, like the printer attached to the laptop connected via Remote ACcess

    153 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    20 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  5. User Portal should include L2TP & PPTP for RADIUS auth'd users

    If PPTP or L2TP over IPsec is configured with RADIUS authentication, and the user has not been sync'd to the Astaro, the End User Portal does not display those options for Remote Access, nor does it include them in the Profile for iOS.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  6. VPN: Toggle VPN's via UserPortal

    I think it would be useful if an IPSEC VPN definition could optionally be assigned a owner. That owner would then have the option to activate/deactivate the VPN tunnel after logging into the user portal.

    Use case is this: companies may from time to time allow a VPN to be setup to access for example a web site. Unlike an individual SSL VPN this access may be needed by an outside team, so multiple single access SSL VPNs are not satisfactory. After the firewall manager configures the connection and ensures the correctness of the rules, it becomes the responsibility of…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  7. VPN: Time-Based HTML5 VPN Portal Connections

    Give the option to set up a time period for the client access for example on the advanced section of the portal connection definition.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  8. VPN: Active Directory / LDAP authentication for L2TP, IPsec & Cisco Client

    Presently, the only Remote Access available to backend groups (except RADIUS) is for the SSL VPN.

    40 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    11 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  9. FIPS 140-2 Certification

    I like what I have seen from Astaro but am unable to use it for my work because of FIPS 140-2 Requirements.

    19 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  10. VPN: Officially Integrate Tunnelblick Mac SSL VPN

    While the SSL VPN in ASG works great using the Tunnelblick client on MAC, it would be nice to have it officially integrated.

    Granted it's not hard to download the configuration and use it with Tunneblick, but having it all available right from UserPortal just like the Windows SSL VPN Client would make it even better.

    22 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  11. Management: HTML5 Clientless VPN Management Role

    The new Clientless VPN is an awesome way to manage remote access or remote support sessions for external service provider. With the ability to provide secure Remote Desktop or VNC access we are able to get rid of nasty tools like Teamviewer.

    Often there is a requirement to have the ability for remote access deactivated by default and control when a connection can be made. Therefore I think it would be a nice feature to be able to delegate management users for each clientless VPN connection (just like the hotspot vouchers thing).
    The management users should have a new section…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  12. SSLVPN Fallback ip(s)

    When using multpile providers it would be usefull to also allow a secondary address to be used as fallback.
    So if ip from provider 1 is down, the sslvpn would try to connect to an ip from provider 2. So allow multiple ips for VPN, it is possible not all that hard just use multiple remote statements in the ovpn file.

    14 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  13. VPN: Backend Authentication Support for PPTP

    Currently astaro support only RADIUS and LOCAL authentication in PPTP VPN.

    Since Astaro is using the open source PPTP which is PoPToP, authenticating on AD, LDAP, and others is possible. Would be great to have this added.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  14. limit number of vpn connection

    to many of RAS servers you can restrict number of VPN (PPTP or L2TP) connection from one user accountcan you add this to Remote connection part

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  15. VPN: Restrict Roadwarrior VPN Connections by Source

    To ensure that even service engineers or any other users will be able to connect to company's network only from restricted IP/network.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  16. RED: Combined Red and Access Point

    Have the RED device come with a built in wifi access point similiar to the new offering from Meraki (MR12/16/24).

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  17. VPN: Bind Rules to Tunnel

    It would be great if I could bind Firewall rules/ Network definitions to IPsec Tunnels.

    Now if i have a Rule like:
    Client_Network -> Web Browsing -> Internet IPv4 -> Allow

    This means that clients can browse through the VPN tunnel as well, beause the Tunnel is bound to the EXT Interface too.
    Now, I can make the necessary deny Rule and place it before the allow Rule, but this is cumbersome and not ideal.
    The simplest way would be that VPN Tunnels are handled as separate physical interfaces and can be bound as such..

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  18. 2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  19. Reporting: Display VPN traffic usage of past 24 hours

    The VPN traffic should be counted for 24 and not only after a logout of the user.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  20. path to route.exe on customized windows installation

    At SSL-VPN client, the route.exe file is static pointed on c:\windows\system32 path. Somes customized installations refers to c:\winnt\system32. In this case the VPN will not work. Solution: mkdir \windows\system32 and put a copy of route.exe there. Suggetion: the SSL-VPN client should use the path - systemvar. %path% or %windir%.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID Staging Test
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.