XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Hotspot Portal listen on RED Interface.

    Problem is that it is not possible to choose a RED Interface within a Hotspot Definition.
    So you cannot route a client from a branch office to a Hotspot Portal to authenticate. We have a guest Network in a branch office in an own vlan behind a RED50. I thought that the utm and xg Firewall have feature parity on RED and Wireless Feature... NO they dont have!

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  2. wireless client list

    On the UTM there is the option to add custom names to a wireless client.
    Wireless protection - Wireless clients - Wireless Client list
    Would be great to have this option on XG also.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  3. Allow MAC list on Hotspot

    I have created Hotspot and the vouchers for guest users. However, on this hotspot, I would like to have some users be authenticated with their MAC addresses such that they are not prompted with a captive portal to enter voucher. This feature is helpful - to authenticate/allow users based on MAC addresses on guest or other hotspot.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  4. Ending a wireless session

    There is currently no way to see a wireless session and disconnect that person or device from their wireless session. Good security feature for blocking a device or the devices MAC address of that device.

    11 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  5. Mixing Wireless Client Traffic Types

    I want to be able to add all my wireless networks to all my access points.
    Currently I cannot mix "Bridge to AP LAN" and "Bridge to VLAN" on the same access point which I could easily do on other wireless systems.

    10 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  6. Allow Visibility of Guest Hotspot Users

    It would be really nice to be able to see a list of current Hostname/Mac addresses of those using the hotspot (and boot them if necessary).

    It would be even better if I could get a daily report that shows me hostnames/mac addresses of those people using the hotspot.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  7. SNMP

    SNMP monitoring added for Sophos wireless access points (AP100C)

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  8. hotspot voucher creation with starting validity

    It would be useful to be able to create hotspot vouchers with starting and ending validity , and also to schedule the creation of them

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  9. Guest User Management

    We have observed that we can manually create guest users in Sophos XG Firewall, under

    Objects > Identity > Guest Users
    or
    System > Authentication > Guest Users

    The Following Two Things Need To Be Taken Care Of.

    1) After creating the user, in the edit mode, the administrator is not able to edit the guests cell phone number.

    2) Once we trigger print, for the Guest User Credentials, there should have been a provision to add the Company Logo on the Print Out.

    3) Also comments and Instructions that the Administrator would manually enter, which should be printed on…

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  10. Guest WIFI Registration

    Dear Team @ Sophos,

    One of our customer has an requirement for wireless networks.
    They have 3 Sophos AP-55 and one Sophos XG-135.

    The customer has created a Guest SSID, for the guest users.

    Now the requirement is as follows.

    1. The guest users should be able to connect to the guest SSID with a shared wifi password.

    2. Once the try to access the Internet via a web browser, they should be redirected and presented a WIFI registration form, with the following details.
    Full Name:
    Choose Username:
    Choose Password:
    Email Address:
    Cell Phone Number:
    Address:
    Company Name:
    Designation:
    Date: …

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  11. Wireless Device Migration when AP overloaded

    In our environment we use more AP's than needed to help with device density issues. The average employee has 5 devices on our WiFi network, with our older Aerohive devices we moved away from we could specify max clients per AP, it would then steer the user to the next closest AP with available space. This allows for better overall performance and to allow for higher density AP's.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  12. Non-Sophos WNIC Support

    Some core functionality for other wireless chipsets should be provided, even if it isn't "guaranteed perfect".

    For example, ath9k (Atheros) drivers ship with XG, but cannot be loaded because of a version conflict with a dependency. Atheros chipsets are the most compatible with other linux, and considered to be "100%". The code is all there, and being used in production by other manufacturers.

    Sophos XG Home isn't usable in my circumstance because it doesn't support common wireless chipsets, which is needed in my home. Purchasing a Sophos wireless appliance is possible for my company, but not for me at home!

    7 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  13. Mesh for AP55s on 5ghz

    Currently you can only create a 2.4ghz mesh network on AP55s.Business requirement
    1/. Sophos stays competitive and in the business of WIFI security
    2/. Sophos has products that people want to add the their XG range of hardware
    3/. provides greater throughput than achievable using 2.4ghz mesh.
    Larger files take noticeably longer to load over a 2.4ghz mesh

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  14. Wireless AP Channel planning

    Require the ability to globally set the wireless environment channel plan, especially within 2.4Ghz space. At present although set to UK settings and in auto the system is selecting channel 13 which the upper frequencies stray into channel 14 which are not allowed in Europe. Ideally need to be able to select appropriate channel plan for AP's to follow. Adjusting a single AP is not an issue but for multiple the system should be dynamically calibrating correctly this selection.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  15. Wireless VLAN tagging

    Support teams have never been able to explain to me why VLAN tagging option is associated with an access point group. The configuration for VLAN traffic is within the wireless network configuration for each individual SSID so why have the option in group.
    This is very confusing if you are supporting multiple SSID's within a group which traffic is assigned to multiple secure VLANs. Can this oversight be removed or at least explained within the group page if different.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  16. Ability to have Internal WiFi & AP Wifi on same LAN Segment

    It seems odd that this is not possible already.

    It should be possible to have the inbuilt WiFi of the XG (i.e.: 105W etc) on the same LAN Segment / Zone / Subnet as an external Sophos AP (i.e.: AP15 etc)

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  17. Have menu to show list of devices connected on particular AP under XG

    Hello Team,

    We have customer here requesting to have menu to show list of devices connected on particular AP under XG. For your assistance please. Thank You

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  18. Seamless activation of new Wi-Fi SSID

    If a new SSID goes online (due to a schedule), all other SSIDs goes offline for a short time. So all Wi-Fi clients on all SSIDs will be disconnected.

    This is very annoying, for example, if you have an all-time internal Wi-Fi for corporate devices and a guest Wi-Fi, which is only switched on between typical business hours.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  19. We need OTP for WiFi Guest users access to same same or different network. When new guest come in Office then they connected to network anda

    We need OTP for WiFi Guest users access to same same or different network. When new guest come in Office then they connected to network and when Guest users try to access internet they should for mobile number and after submitting Guest user get OTP on mobile number which he enter.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  20. Wireless AP Unique Identifier (UID)

    It would be great if we can trigger UID LED on the wireless access point. Sometimes it is hard to determine which physical access point we're configuring especially when located in multiple levels.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google Sophos Features & Ideas Laboratory
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Wireless Protection  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.