XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. IPSEC interface tunnel is hided on LAG port

    When I established IP Sec tunnel Interaface with LAG on WAN, they can't show Virtual Interface of IPSEC tunnel. Please update to show ít on LAG port.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  2. IPSEC interface tunnel is hided on LAG port

    When I established IP Sec tunnel Interaface with LAG on WAN, they can't show Virtual Interface of IPSEC tunnel. Please update to show ít on LAG port.

    0 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  3. RED Tunnel Sorting improvements

    Please improve numbering and allow sorting and filtering of RED tunnels so that they are no longer listed in the order of 1, 10, 11,100,101, 102,..., 198, 199, 2, 20, 200, ...
    When I list my REDs on 17 it is by tunnel ID sorted similar to above.

    When I look at the sorting in version 18.0.1, it shows the Branch Name, the tunnel ID is now invisible, but, the hidden tunnel ID is still the information that RED's are sorted by.

    You could add leading 0(s) to the 1 and 2 numbers numbers and show the Tunnel ID in…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  4. sophos connect

    Can we've an option to integrate AD with Sophos Connect same as SSL VPN?

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  5. users using ssl vpn have to use IP address when modem\phone resolves to ipv6 ip address

    users using ssl vpn have to use IP address when modem\phone resolves to ipv6 ip address

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  6. The SSLVPN connection using Sophos SSLVPN Client with ARM based Windows PC

    To whom it may concern,

    Regarding the SSLVPN connection using Sophos SSLVPN Client,
    we would like to request that you let it work with ARM based Windows PC like Surface.
    If Sophos SSLVPN Client comes to be compatible with TLS1.3,
    will the Sophos SSLVPN Client work with ARM based Windows PC?

    Sincerely,
    Takashi

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  7. Consolidated report for SSL VPN Last login

    Dear Team,

    We are looking for the consolidated report for SSL VPN last login from Sophos XG firewall which is currently not there in the firewall. This report will help the administrator to alter the user list which are inactive since long time. Hence kindly get this implemented in the firewall.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  8. CN Network Monitoring (LAN) - If the interface fails, start IPSEC over WAN

    Many Customers have a CN Network to connect different company location. The CN network is a LAN interface.

    What do we want?
    If the Sophos XG detects a problem with a LAN interface, automatically starts a ipsec tunnel over the wan interface.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  9. lan ipsec

    Many Customers have a CN Network to connect different company location. The CN network is a LAN interface.

    What do we want?
    If the Sophos XG detects a problem with a LAN interface, automatically starts a ipsec tunnel over the wan interface.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  10. q in q

    Hello All,

    I'm writing from in Turkey and I'm a technical guy.

    In our country, we need Q-in-Q or using same Vlan in two braches.

    For Example , The customer is using Vlan 100 ( 10.1.100.0 / 24 ) and They wants to use same Vlan their other branches.

    Is there any roadmap about this solutions on the SD-RED ?

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  11. Conexão Múltiplas SSL VPN

    I noticed that when I am connected within the company, and if I try to connect the SSL Client it allows, the right thing was not to allow, as it can loop the network. A call was opened and the only solution is by MAC, but it becomes impossible to do this for everyone, I have to register one by one, it would have to be a simple solution, to identify that if it is connected to the local network, do not let the SSL Client connect VPN.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  12. Remote reboot of a RED device

    Provide an option to reboot a RED device from the XG web GUI. Currently, the only way to reboot the device is to go to the site and power cycle the unit.

    13 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  13. Remote reboot of a RED device

    Provide an option to reboot a RED device from the XG web GUI. Currently, the only way to reboot the device is to go to the site and power cycle the unit.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  14. Option to load Balance with IPsec VPN

    Option require on load Balance with IPsec VPN

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  15. VPN icon is red even though 1 of 2 VPN connections to a site is up

    Since it's bad practice to use failover groups on both sites of a VPN tunnel, one side (without failover group) shows a red VPN icon in the dashboard. For example - one side can have 2 WAN connections and the other side has 1 WAN - so 2 tunnels are created for failover.

    It would be nice if we can still incorporate these multiple tunnels to the same site in a group, so that as long as 1 is online, the VPN icon doesn't turn red. Maybe if we can add both sides to a failover group, but toggle failover…

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  16. Broadcast Routing on Bridged Inteface

    I would like to configure the multicast forwardin on a Bridge interface.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  17. ip sla for high latency failover

    we need ip sla feature for high latency fail over while we using two links if one link goes to high latency we need to switch over to secondary link automatically.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  18. Full tunnel VPN exceptions e.g. for Office 365 traffic

    Allow for exceptions to be created that will allow the traffic to go direct to the internet bypassing VPN configured as full tunnel for both SSL and IPsec VPN. This is recommended by Microsoft for Office 365 traffic.

    https://techcommunity.microsoft.com/t5/office-365-blog/how-to-quickly-optimize-office-365-traffic-for-remote-staff-amp/ba-p/1214571

    Alternatively it would be even better if Sophos can build in this functionality within the OS making it an option that can be enabled/disabled.

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  19. SSL VPN with BSNL Link

    SSL VPN tunnel should be established with SUB Interface IP of BSNL which is public-facing and the main Interface IP is Connected to BSNL as L2 LAN.
    We can establish connectivity using Sub IP to IPSEC Tunnel and to Serve Internet to users but can not able to connect using SSL VPN as the Main interface IP is L2 LAN and Sub IP is public-facing.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  20. Prioritize the primary or seconday public gateway option on sophos XG 230

    Dear Support,

    We need the following option on sophos XG Firewall.

    Suggetion: while connecting to sophos remote ssl VPN, we need the option of prioritizing the primary or secondary ISP on Firewall.

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 10 11
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.