XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. RED Notification

    We can configure a notification to alert when the connection to our remote site RED goes down but there's no way receive notification when it's back up! This would be very helpful.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  2. ssl dhcp

    Should be possibile to set a Static ip for SSL VPN Users

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  3. Multiple SSL VPN server instances with separate certificate an encryption setting

    A firewall config lives for many years. So, after a few years, the certificate and encryption settings of the ssl vpn server aren't up-to-date anymore.
    At the current state, if you change certificate or encryption settings, you'll have to redeploy the ovpn-files immediately. The old client settings and certificates become invalid.
    But with multiple server instances you could migrate the users with legacy settings to the new instance next to one another.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  4. Request to allow three algorithm combination on ipsec policy aggressive mode

    Hello Team,

    We have customer here, requesting to allow three algorithm combination on ipsec policy aggressive mode under XG Firewall. Currently only one algorithm combination is being allowed under ipsec policy aggressive mode.

    For your assistance please.

    Thank You.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  5. Increase IPsec remote access VPN bandwidth

    We come across multiple end-customers complaining about the bandwidth they are stuck at with the connect client, based on IPsec for their reasons.
    It's between 5 and 7 MB/s.

    The only thing we could do is try to switch to SSL, which gives 2 times the speeds of IPsec, and create a feature request.

    Please work on this and increase the performance for IPsec VPN.

    8 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  6. Sophos Connect - Hide "Save User name and Password" from SSL VPN Connections

    We are able to hide the "Save user name and password" facility for IPSEC VPN connections, but not for SSL VPN connections.

    Please can we have a way to hide/disable the "Save user name and password" facility for SSL VPN connections in the Sophos Connect VPN client.
    Some of our customers want both IPSEC and SSL VPN connections available.
    In many cases allowing users save their credentials is a security risk.

    Sophos Support have advised this is currently not possible with SSL VPN connections in the Sophos Connect VPN Client.
    Sophos support ref - ref:00D301GN6a.5003Z1GgvFd:ref

    8 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  7. sophos connect

    I just found an interesting "feature" in Sophos Connect.

    I have a connection added

    I rename it to OldIPsecVPN_remote

    Then I try to import a new set of settings for the same remote firewall

    Wrong!

    When I click ok to import the other settings it just overwrites my "OldIPsecVPN_remote" with the other set of settings and renames it...

    So what's the use of having a possibility to rename if you can only change the display name...

    Kind regards, Peter

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  8. Radius 802.1x Authentication on RED Ethernet Ports

    Control the Network Access on RED Devices on the Ethernet Ports.

    If deployed in, for example, a home-office I cant control the Network Access for devices that are not company owned devices.

    Right now the only possibility is sophos endpoint, but then I cant use IP Phones or any other non Windows/Linux/Mac device.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  9. SSL VPN able to reach computer devices by computer hostname

    Once connected to SSL VPN, user will still be able to reach internal computer or server by hostname

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  10. User activity connection polling after SSL VPN or Sophos Connect IPSEC

    User activity connection polling after SSL VPN or Sophos Connect IPSEC

    Remote workers with a full TUNEL connection forget to turn off the VPN even though they are done. Consequently, an unnecessary connection is created on Sophos.

    Users who have a Full TUNEL connection with Sophos VPN or Sophos Connect can be notified in the computer application once an hour or at specified periods.

    The connection can be terminated with the user's option of not continuing to work.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  11. SSL VPN Client Error Disabled State

    SSL VPN client not getting disconnected automatically after internet disconnection. Hence it is going in error disabled state and user has to restart their pc to connect to VPN. It should be disconnected automatically once internet connection goes off.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  12. SSL VPN Client Error Disabled State

    SSL VPN client not getting disconnected automatically after internet disconnection. Hence it is going in error disabled state and user has to restart their pc to connect to VPN. It should be disconnected automatically once internet connection goes off.

    0 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  13. L2TP notifications separate from IPsec notification

    Previously, in v17, enabling notification for IPSEC VPN would only send alerts for IPSEC tunnels. Once we upgraded to v18, we noticed that we were receiving alerts when a remote user connects using L2TP too. Ideally more granular alert options are enabled for VPNs, so that we can disable L2TP alerts.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  14. SSL VPN Port 8443

    I created a port forwarding rule from external port 8443 to internal 443, without thinking that SSL VPN is using 8443 already. XG is not complaining about this and creates the rule. So VPN is not working any more. It could be helpful if XG firewall would show a warning or an error before saving this to running config.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  15. Domain Name by SSL Policy

    It would be great to have the possibility to add différents Domain Name by VPN policy, for case of Firewall mutualisation for various customer with multiple AD

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  16. Allow in SSL VPN to be able to put the fixed ip to a client.

    Allow in SSL VPN to be able to put the fixed ip to a client.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  17. Separate VPN alerts from system events

    Currently, all VPN established and terminated events are reported to Sophos Central as system events. This means that the normal behaviour of users logging in and out of a dial-up VPN is given the same alert treatment as a critical CPU, memory or disk event.

    Please provide additional granularity under System Services - Log Settings and under System Services - Notification list so that VPN established and terminated events can be treated separately from other events and, in particular, that dial-in VPN events can be treated differently from fixed link VPNs. (We would want to raise an incident if a…

    10 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  18. RED - Changing/Adding Red Configurations/Prevent other REDs device disconnections

    When dealing with multiple REDs devices, it would be important not to drop the connection of existing REDs devices when changing/adding a RED configuration. Currently, if you change/add a red configuration, as soon as you save, all RED connections drops for a few seconds and affects all remote offices for connection-sensitive applications/processes (like Remote Desktop).

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  19. Sophos XG, RED Monitoring

    Hello,

    We have Sophos XG 135 and 4 RED Devices. I built a crash scenarios when Internet connection of RED Devices is unsuccessful by adding 4G router before the RED.
    1. Sophos XG 135 sends email notifications but this is not enough for me as it sends them only to one email address. In Administration => Notification settings => Email settings.
    a. Proposal 1: Sending an email to more than one specific recipient. For example: Administrator who is responsible for the internet connection should receive notifications only for the internet connection. Variables that can be corrected should be added to…

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  20. usable VPN App for Android

    We need a VPN app for Android that can be distributed and configured via Sophos Central and can connect to an XG. This must be able to handle "VPN on demand" (Android Enterprise).
    Central can already distribute certificates via SCEP, but neither the XG nor Central can create a useful, secure, easy-to-use VPN configuration for Android.
    This is ridiculous

    4 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 13 14
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.