XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. RED XG to XG client side multiple wan link fail-over options

    It is definitely necessary to have a choice of primary/secondary/tertiary for the WAN interface a RED client will use.

    23 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  2. RED: Make tunnel Timeout adjustable

    It would be great to be able to adjust the timeout values on the REDs to prevent the device from disconnecting as fast when connected to an unstable ISP connection

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  3. VPN Exclude Networks

    When setting up an IPSEC Site To Site VPN there is no way to exclude source or destination hosts/networks from being included in the VPN tunnel.

    For Instance:

    Sending all traffic over the Tunnel, but excluding a local host from the tunnel and traffic to a specific network

    Remote Subnet: Any
    Exclude Source: PC 10.10.10.10 (Or Network if you like: 10.10.10.0/24)
    Exclude Destination: 123.123.123.123 (Or Network: 123.123.123.0/24)

    13 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  4. Allow me to change the MTU/MSS of SSL VPN Clients

    Disappointing that I can't tweak this for performance. UDP fragmentation is a big problem in our world of oversold connections.

    5 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  5. SSL VPN Reports should include the timestamp of when the user connects and disconnects

    SSL VPN Reports should include the Timestamp of when the user connects and disconnects.

    This feature needs to be added.

    216 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    32 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  6. Custom MTU/MSS For IPSec Tunnels

    Need be able to set custom MTU/MSS settings on individual IPSec tunnels. I have multiple site-to-site IPSec VPN tunnels and it would be great to be able to set custom MTU/MSS configurations for each one.

    While ipsec0 is used for IPSec VPNs, it would be nice to have custom configs for each connection.

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  7. SSL VPN settings should be per-profile

    In SSL VPN there is limitation of setting up source (DHCP range)networks, there is no option to create another VPN setting (P1 and P2) for different VPN profile.

    which is important for Multi profile VPN configuration for different department and access.

    24 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  8. VPN allow Network Level Authenticaion for RDP bookmarks

    With the VPN, when you create a bookmark for remote desktop to a windows machine, you have to uncheck "Allow Connections from computers running Remote Desktop with Network Level Authentication". If you do not, it will throw an error. You can use "NLA" security and that will work for machines with "network access level" enabled, but you need to populate the username and password for that machine to autologin.

    This works if you are the only one using that bookmark, but doesn't help if you are creating bookmarks for your employees and you as a technician don't know their credentials,…

    12 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  9. RED traffic in system graphs

    We can see RED traffic in report,
    but we can't see the traffic in system graphs.

    Please add the RED interface in system graphs.
    Thanks~

    28 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  10. RED Support IPv6

    Currently RED devices can not use IPv6,
    I want RED devices to support IPv6.

    27 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  11. 4096 bits SSL VPN Encryption

    4096 bits SSL VPN Encryption is currently very common on many appliances but not on Sophos XG. Could you please add this level of encryption to the XG?

    36 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  12. IPSec Connections Report

    More detailed report for IPsec connections. There is a report item for VPN but it's limited and it only counts the number of times an IPsec tunnel was connected that day, requesting to have more granular reports for IPSec usage.

    16 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  13. DMvpn

    Dynamic Multi-point VPN (DMVPN) is required for dynamic routing in VPN for redundant route identification (LIKE ospf,eigrp,).

    12 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  14. User Portal Bookmarks - Allow RDP keyboard input language change

    Currently when accessing RDP via a bookmark from the portal the HTML5 RDP app defaults to USA input which causes issues for UK keyboards where symbols are assigned to different keys. It would be very useful if the input keyboard language could be set in the bookmark configuration. Ticket raised with Sophos support confirms that changing input language is not currently possible

    14 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  15. SSL VPN - Disconnect User

    Actually, if I click the button to disconnect a Live SSL VPN User (from XG Admin Panel) the firewall sends Connection Soft Reset to the VPN Client, but after a few seconds the client re-connects.

    It would be nice to disconnect the user (at least until it does another login with VPN Client) maybe also sending him a popup message.

    15 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  16. HTML5 VPN

    Add HTML5 VPN like UTM9

    20 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  17. RED WAN I / F support PPPoE

    I want RED's WAN I / F to support PPPoE

    I think loading config from USB memory.

    9 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  18. Shutdown ports on RED via XG configuration

    Could it possible to shutdown LAN ports on the RED via the configuration on the XG? We have installed a number of REDs in shared comms rooms and it would be good to stop people from having the ability to just plug in a LAN port on the RED and access a customer's remote network via the L2TP tunnel.

    7 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  19. SSL VPN with seperate DHCP scopes

    I would like to see in IPSEC and SSL the option to set each SSL remote configuration to be able to have it's own DHCP server, for example I want this group of users on SSL to use one DHCP server and scope and another set of users to use a different DHCP Scope.
    This would help when trying to isolate networks across domains.

    18 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  20. Assigning static ip to SSL VPN users

    It would be very convenient to assign static ip to users logging in through SSL VPN client. Currently this feature is available only to L2TP and PPP users.

    336 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    85 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.