SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

VPN: IKE V2 Support

IKE V2 is the newest innovation to IPSec and makes using of mobile clients a lot easier. I wish to integrate IKE V2 as soon as possible.
See: http://tools.ietf.org/html/rfc4306 (RFC 4306)

365 votes
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    feichhornfeichhorn shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    50 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Anonymous commented  ·   ·  Flag as inappropriate

        This feature is really necessary for a state of the art UTM. It is important for us to have this function.

      • Anonymous commented  ·   ·  Flag as inappropriate

        Timo - which product that supports IKE V2 have you chosen? I would appreciate your advice.

      • TimoTimo commented  ·   ·  Flag as inappropriate

        we have to renew our utm subscriptions soon. since utm still does not support multi site vpn to azure (route based) we will go with another vendor now. we have been waiting for this feature for more than 2 years now. It looks like utm is not something sophos is really willing to invest in.
        bye bye sophos

      • MatthewMatthew commented  ·   ·  Flag as inappropriate

        Jeroen Vercoulen - it is if you want multi-site vpn tunnels. you need to have route based vpns in place which require IKEv2

      • Aaron MarksAaron Marks commented  ·   ·  Flag as inappropriate

        I so badly want to believe BuddyBuddy's comment below. We'll be in heaven if we can use UTM 9.6 with both AWS & Azure finally.

      • CT AdminCT Admin commented  ·   ·  Flag as inappropriate

        Oh, man - this is around such a long time and Sophos users have to live in stoneage !
        A bad shame for a product which claims to be professional and branch leading ...

      • Ian SimeIan Sime commented  ·   ·  Flag as inappropriate

        I was told this today...

        "It’s looking like it will be the middle of next year with the launch of V17 on the XG series of devices, it isn’t currently in the pipeline for UTM SG."

      • Stefan MilaniStefan Milani commented  ·   ·  Flag as inappropriate

        Need IKEv2 too. We use Sophos in Energy-Business and there are a lot of restrictions - e.g. IKEv2 - Please add this feature as soon as possibe!!

      • Mike SauerMike Sauer commented  ·   ·  Flag as inappropriate

        Andrew, We consider switching clients to Fortinet but Meraki sounds interesting as well. Does Meraki's product allow point to site connections to Azure?

      • Andrew KayAndrew Kay commented  ·   ·  Flag as inappropriate

        Same. Meraki won over our business with a better overall VPN solution. Planned on boarding of three new SG135's and an upgrade of 2x UTM 220's to equivalent SG series are cancelled and two existing installs of SG135's are going to Meraki when they come up for renewal.

        Pity as the UTM 'was' such a good product.

      • cc commented  ·   ·  Flag as inappropriate

        @StrongSWAN.. nothing you wrote seems it would be a problem. But what do you mean by "UTM"? If you are referring to UTM being an instance of Sophos, and then you want to have a Pi with StrongSWAN "between" the device and the UTM.. then the question goes to what your network looks like. However... the StrongSWAN IPSec router can also exist BEHIND a UTM. You can NAT IPSec traffic through a UTM or other FW and terminate the IPSec tunnel behind it somewhere. That is exactly what we did. And we actually had moved several IPSec tunnels from a UTM to another Linux VM behind it without even affecting the clients. Can email me directly for more help: ithelp45-astaro@yahoo.com

      • StrongSWANStrongSWAN commented  ·   ·  Flag as inappropriate

        coewar, We need to point-to site connect all sorts of non-Windows devices in various locations to Azure, eg a couple of VoIP phone in one location, a particular scanner that accesses a Azure drive in another location, a Linux machine in a third location etc. I think it would be cool to have your StrongSWAN solution on a Raspberry Pi that could then simply be put between the device and the UTM. Is this viable?

      • Anonymous commented  ·   ·  Flag as inappropriate

        UTM 9.4 "elevated" ...still no IKEv2 support! It's needed for Microsoft Azure!!!
        Many customers will switch to a product which supports IKEv2.

      ← Previous 1 3

      Feedback and Knowledge Base

      icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-lightbulbCreated with Sketch.