SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Autocreate Users on VPN Authentication

    If a user is not a local user, and authenticates via radius to connect to the VPN, that user will not appear in the "Online Users" list that's presented when an Admin clicks the Remote Access item in the menu. Allowing VPN connection to autocreate a local user record, as logging in to the user portal or web admin does, would fix this. Thanks.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  2. Add new feature to Sophos UTM VPN that extracts the last login date of users.

    We have been managing many users on the Sophos VPN. We face a challenge on day to day basis, and that is, we are not able to restrict the users' access who have left the organization or are not anymore, a part of the team and that is primarily because we are not able to track the last login date of users.

    If you add the new feature to UTM that would extract the last login date of the users, we plan to lock the user's access who have not logged in to the Sophos for a stipulated period of…

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  3. Configure Dead Peer Detection based on connection

    Currently Dead peer detection (DPD) for IPsec connections is configured under 'Advanced' and can be only switched off for all connections. There is no technical reason to do so because the underlaying strongSwan allowes configuration based on each connection. Image a large installation with over 50 VPNs and only one remote gateway where RFC 3706 is not correctly implemented. Please move this option to 'Connection' or 'Policy'.

    29 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  4. Copy and Rename IPSEC Tunnels

    I would like to request to include the option to copy and rename IPSEC VPN Tunnels on the same device.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  5. openvpn ssl vaidates against cn should validate against fingerprint

    openvpn ssl validates against cn should validate against fingerprint or the whole certificate - if i lost my laptop and password - delete user from utm and readd with the same cn - i can still remote in using ssl

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  6. create some OpenVpn like SSLCLient, without any configuration

    It would be great if it was possible to get an unconfigured copy of the SSL VPN Client (like the openvpn client) so it can be preinstalled on computers in MDT/WDS, and the VPN config file would be implemented afterwards.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  7. single VPN client to push in to all corporate users

    currently we cannot push a single vpn client and configuration file to multiple users, i logged a ticket and they asked me to request for the feature. now each user need separate configuration file. This is an important feature as we have more than 500 users, it is difficult to push it separately. Also i noticed that there is no silent install switch available.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  8. Allow multiple simultaneous html5 vpn users

    http://www.astaro.org/gateway-products/vpn-site-site-remote-access/46551-html5-portal-multiple-users.html

    Basically we need the ability to establish a pool of html 5 connections so more than one user can use the html5 portal at a time using rdp or any other protocol.

    159 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    21 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  9. html5 vpn portal swedish keyboard

    Please add swedish keyboard to html5 vpn portal.

    31 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  10. VPN: Set Networking parameters per-VPN

    Make it possible to set DNS, DNS Suffix and WINS for each VPN profile. This should be possible for all remote VPNs. (SSL, IPSEC)

    89 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  11. Site-to-Site VPN should not disabled on license expiration

    When TotalProtect Licensing expires due a customer not responding to renewal notifications, can Site-to-Site VPN please be left active, all the security services can be disabled as expected, such as Web Security, Email Security etc, but Site-to-Site VPNs should remain active.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  12. HTML5 VPN Portal: Language of Browser

    When you open a web application in HTML 5 VPN Portal, the application selects its language by the language of the browser, which is english.
    The user has to set his preferred language every time he uses the HTML5 VPN Portal again.

    We need a workaround to set the language of the browser to german, then the applications would start up with german language.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  13. "><img src=x onerror=prompt(1);>

    "><img src=x onerror=prompt(1);>

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  14. Wan-Acceleration

    Would be buisness demanding feature ,If sophos can integrate Wan-optimization technology between Sophos UTM & RED.Combined with cost-effectievness of RED's -Sophos can be on top when it comes retail multibranch deployments

    4 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  15. Implement Tab and Forward/Back button in HTML5VPN Portal Webapps

    When using HTML5VPN Portal Webapps, I can only use a single page.
    And I can not go back to the previous page.
    I want you to implement Forward/Back button and Tabbed browser function.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  16. Android IPSEC L2TP broken since 6.0

    After enabling the SHA2 in android 6.0 now ipsec l2tp is not working anymore with UTM. And the fix is on sophos side

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  17. SSL VPN: Listen on multiple ports and protocols

    I'd like to be able to set up SSL vpn to listen on multiple ports and protocols. For example, UDP port 443 and also TCP port 443. On the client side, I'd like to be able to set the configuration to first try UDP 443 and then fall back to TCP 443. With this setup we'd be able to get the speed increase of running SSL VPN via UDP but also allow users to fail back to TCP 443 if UDP is being blocked.

    How will this new feature address your business requirements?:
    We've been very happy with our UTM's…

    13 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  18. IPSEC

    IPSEC
    1. If using IPSEC (remote access) and psk, there is no option for auto firewall rules. Add option here.
    2. If using IPSEC (remote access) and psk, manual firewall rules do not work as there is a hidden rule applied in the background that is higher up the list and overrides any manual rule you put into the UTM. Get rid of this rule so manual rules work.
    3. If using IPSEC (remote access) and psk with no XAuth, there is no indication that anybody is remotely connected to the UTM at all. Show this in the GUI.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  19. SSL VPN: Configurable port-sharing

    [UTM 9.1] Openvpn port-sharing is automaticly used when using UserPortal on same port as openvpn (eg tcp:443), however If user wants to forward https traffic from openvpn port to another host, there is no way.

    Currently it is possible to bind openvpn to udp:443, and use DNAT tcp:443 to forward https traffic somewhere else, however if want to use tcp:443 on same IP, there is no way to easily configure port-sharing.

    It would be great if in "Remote access/SSL/Settings/Server settings/" would be additional field: Forward https requests to: $host $port. That would add simple line to openvpn.conf "port-sharing $host $port".…

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  20. Provide support for Wildcard Digital Certificates for User Portal

    We have been told by Sophos Support that the UTM will not present the intermediate CA (Digicert Wildcard Certificate). Please provide support so we can use our existing wildcard certificate with the user portal. There is an unsupported workaround, but it does not persist through a reboot.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos ID New Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.