SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Deliver Complete Certificate Chain for User Portal

    The user portal in the UTM is not able to deliver the complete certificate chain. It is missing intermediate certificate due to which our VPN Portal is categorized B on online SSL Testing websites.

    20 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  2. Route Based IPsec tunneling

    To connect more than one location to a microsoft azure environment it is neccesary to build route based IPsec connections. In future Microsoft azure will be a important solution platform, so many customer will use this solution.

    19 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add the feature of adding IP List on SSL VPN Allowed IPv4 network settings

    Currently there is no option to add an IP list in allowed ipv4.Network resources. This feature was there in Cyberoam. Post migration to Sophos, it wasnt possible.
    Request to add this feature, so that ACL will be more sophisticated at Firewall Level.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  4. Notifications for failed VPN login

    It would be good if notifications could include failed VPN connection attempt.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  5. Whitelist SSL VPN

    Currently there's no way to isolate specific SSL VPN users in Sophos. While a Firewall rule can be set to access the whole service there isn't a way to allow users A, B & C access from any network but limit user D to only a specific IP or range.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  6. openvpn 2.4

    my uses sometime connect but cant access network resources - they try again a couple of hours later and it works

    the net says there are issues with windows 10 and these are mostly fixed with openvpn version 2.4

    as version 2.4 has just come out it may be worth waiting until 2.4.5 for any bugs to be fixed but to schedule this into the UTM development pipeline

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  7. VPN: Local VPN ID choices with IPsec PSK

    This has been marked as "completed" but to my understanding is only half complete.
    Having multiple IPSec site-to-site tunnels autheticated by PSK, one still can't freely choose the ID for each tunnel.

    Given I have multiple tunnels to customer networks (where I can't change the ID Type expected for my host)
    some expect me to give the external IP as Peer ID others expect the hostname (which sometimes doesn't even match the real one)
    Under current 9.4 I can only set my ID once for all tunnels but not individually per tunnel.
    So any Connection should also allow to edit…

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  8. Changing the Tunnel name of Amazon VPC site-to-site on UTM

    Hello Team,

    We have a request here from our customer to habe option to rename the Tunnel name of Amazon VPC site-to-site on UTM. Right now, all of Amazon VPC site-to-site VPN tunnel names are _vpc-0_ in their UTM configuration. There are requesting the option for have it to be rename for them to make it easily identifiable.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  9. Set MTU for SSL VPN and enable "engine aesni" for OPENVPN

    For make ssl-vpn faster, I would like to set MTU for SSL VPN and enable "engine aesni" for OPENVPN on AWS Sophos UTM9.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  10. rulechecks sslvpn clients

    We would like restrictions to be checked on when sslvpn clients are connecting towards the network.

    For example if someone is running a specific service, the network connection is allowed, and otherwise not. or for exampe, if there is no anti-virus running from a specific vendor.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  11. limit a SSL VPN profile to be able to login just from a specific IP address

    I need to limit a SSL VPN profile to be able to login just from a specific IP address and another profile no limit !!!!

    I understand that I can simply open/close the User Portal and prevent access to the client/certificates but this is not that I am looking for because not vpn profile aware !!!

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  12. The HTML5 VPN Portal should have a Wake On LAN feature when connecting to a PC over RDP

    The HTML5 VPN Portal should have a Wake On LAN feature when connecting to a PC over RDP. This would enable power savings to be turned on while providing users with the ability to remotely wake and connect to their PCs/Servers over the network (say for a standby environment).

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  13. Geo Location based VPN access

    Allow the remote user to access SSL VPN based on their geo-location.

    For example, if we have two remote users say, user1 and user2.

    We want to allow user1 to be able to connect to VPN from the US only and in the same way, we want to allow user2 from India only.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  14. Full mesh VPN - something like Cisco DMVPN technology

    Full mesh VPN - something like Cisco DMVPN technology

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  15. SSL VPN reconfiguration

    SSL s2s VPN. There are seted up for branchs it’s own Server instance. And I faced strange behavior. After I reconfigure any server instance (for example add local network), EVERY SSL s2s VPN tunnels goes down and after some time it reconnect again.

    Regular OpenVPN server can work without that issue! So I believe that Sophos too.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  16. HTML5 VPN Portal: Copy and Paste from Local Machine to Remote and from Remote to Remote

    Please add the feature for the copy and paste from local machine to HTML5 session. It would also be nice to allow copying from HTML5 session to another HTML5 session.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  17. IPSec Site to site policy IKEv2 SA Throughput

    To configure a stable site to site with Microsoft Azure on a UTM 210 with a poilcy based route you have to configure the Phase 2 security association (SA) Lifetime (Throughput) as well as the time because without it the site to site will fall over as soon as you hit 1GB of throuhgput. The VPN will not connect until a system restart is performed.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  18. VPN connection log

    The default behaviour of the SSL VPN client is to truncate the log file on OpenVPN startup. Want to have the option to append in stead of truncate.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  19. DMVPN

    For some customers interesting to have DMVPN, to prevent multiple end-to-end Links.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  20. OPENVPN client

    Would like to be able to use the system as an OpenVPN client.

    45 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.