Configure Hotspot users for backend authentication on XG Firewall.
there is no such option in the new version of XG Firewall12 votes
1. I have noticed that the Cisco VPN client has the option of choosing which WAN interface on the firewall is to be bound to for SSLVPN
This feature is NOT available on the sophos vpn client
Please put this a default because if Cisco client is not available then we have t use the sophos vpn client and this feature is necessary
2. There is no dedicated filter option for SSLVPN in the log viewer instead it is going under system view which is wrong24 votes
Allow to configure PPPoE for the WAN interface before license activation.19 votes
The XG Firewall installer should allow me to configure the IP address that I want to use on my LAN, so I can easily integrate it into my existing network.32 votes
During the initial install, Sophos XG chooses the interfaces on its own. User should be able to decide which interface to use.
Also basic setup is the only option someone can do to configure WAN port in order to register device. This would also be nice to choose the interface to use.
Add Registration log to console menu to permit user to see the logs regarding registration errors. At the moment I am unable to register the device, it was difficult to track down log messages.38 votes
The initial product setup process is being updated in an upcoming release, before v17. This will improve the registration process, and interface configuration options available during the registration process.It will also update the setup wizard offered on first login, providing an improved initial install experience, end-to-end.
For customer that do not use iView, we need a way to export logs and reports before a format is needed for some reason (when no HA is used).
Also now the license is attached to serial, so imagine a customer need to move to another appliance (bigger or smaller) he will lose all data.
Inside Administration, there is a Menu "Import/Export). You could add the feature inside there.
Once exported, reports/logs should be imported again as History or merging with the new data.18 votes
Give us objects like in the UTM, Why do i have to set a static ip in the dhcp, add a dns record in the dns server and create a ip host object for firewall rules, when i could do it all with one object in the UTM.. This was for me a really really perfect feature and it makes it all a lot easier to administrate since you don't have to do the same over and over again for different parts of the configuration.87 votes
This is currently being planned for inclusion in an upcoming version
It would be great to be able to see live Bandwidth speed stats for each Interface like we had on UTM.438 votes
This feature is under consideration for a future release in 2018, though a target version is not yet set.
It will be nice to have the possibility to editing multiple Policies at the same time by having a check box on the left (as it is already available on Services Objects) and be able to perform general modification, such as:
edit users/groups member
change Application/IPS/Web filtering
malware scanning option6 votes
Give us the chance to manage XG basic features from CLI, such as:
creating/editing/deleting network objects
creating/editing/deleting ips/application control/web policies
creating/editing/deleting and managing VPN
and more.....125 votes
If you have DHCP on the WAN interface and also an IP-Tunnel which terminates there, it would be great if you can configure the local endpoint dynamically. (Take the IPv4 value of interface Port1)7 votes
Add AICCU support (Like on UTM) [https://www.sixxs.net/tools/aiccu/] for Sixxs.net ipv6 tunnel handling.9 votes
In the log viewer, you have to choose the log View what you want to view for System, Web Filter, .. etc.
Because of you can add filter options like an IP address, would be better if you can see all logs related with that filter at the same time.12 votes
This is currently being developed for inclusion in v17
Would be useful if you can click in the tree menu path to go back in the config options.
For example in System > System Services > Web Proxy if you can click in "System Services"11 votes
It should be allowed to change the name of Physical Interface objects from default PORTx name to custom one.
Also, comment attribute/field should be added for additional description (like it was available in UTM9).399 votes
This is being implemented as part of a larger project, which makes some under-the-hood improvements to configuration handling, which is why this has not been implemented sooner.
NTP Server is a small package and UTM9 has it. In some small organization, having a central NTP server is a nice feature.
Can you add it into future release?
You can put it inside device access, denying WAN from using NTP server for security reason.598 votes
This feature is under consideration for a future release, though a target version or timeframe is not yet set.
At the moment, if you try to remove a object used somewhere (Policy Rule for example) a message appears saying that "the object is already in use." So give us where the object is in use and allow Admins to delete it.
You can add an extra column with number of times the object has been used and give LINK where the object is used so we can go directly to the place and check if can delete it or not.129 votes
UTM 9 had great DHCP options that you could assing globally or to an individual pool. For people with VoIP deployments this is Huge.324 votes
Adding DHCP options to the GUI is under consideration for a future release.
At the moment, automatic firewall rule is not available in any option as it was with UTM9. For example when you setup a new site-to-site or vpn. This is very useful and time saving. Also add inside Policy Section "Automatic Firewall Rules view".
Last, add the chance to create Groups so we are able to group rules together.134 votes
Firewall rule grouping is currently planned, and will be included in v17, shipping later this year.
Automatic firewall are being considered for a later release.
- Don't see your idea?