Give us the ability to change the names of the ethernet ports, I can never remember if the WAN is port 1, port 2, or port 3. If we could name them something that indicates their purpose it would be very helpful.

This function was available in UTM 9, but it's missing in the new XG Firewalls. I should be able to create a new vlan and add it to a bridge so that it spans multiple physical interfaces. As it is right now, a new vlan can only be added to a single physical port.

Customer's situation is that they have two interfaces with the same LAN type. The problem was that the captive portal keeps redirecting to the wrong interface IP. I asked GES about this and was advised that currently captive portal only redirects to the IP of the first LAN interface, there is no way to manually change the IP it uses. So feature request is the way to go.

5659720

Hi Sophos XG Firewall Team,

Need your support to allow the Firewall administrator to configure the SSL VPN port, because most of the networks are not allowing to use 8443 port especially in ISP side.

It is crucial for all Sophos XG Firewall end customer.

Regards
Damodharan..

Possibility of modifying the logo in customer portal, as is the entrance to the company.

Cheers

Please provide ability to use Google's Dynamic DNS service.

It is hard to develop several filter policies with little differences for several groups of users. It would be nice to have ability to inherit, for example, web categories from other web filter policies and for application filters as well.
Or there could be the ability to duplicate policies as it has been mentioned before.
Thank you.

"HA cannot be configured when one or more interfaces are DHCP/PPPoE/WWAN-enabled."

Much like with the previous UTM's, users should have the option to utilize High Availability regardless of their interface type.

When making changes to the NTP Configuration, it should not be necessary to reboot the Firewall afterwards.

Right now it is not possible to change the SSL VPN Port by GUI. Port 8443 is used by default. Please add the possibility to change, because Port 8443 is not allowed in many networks.

No-IP.com was a provider in UTM9 for DyanmicDNS, and who I had my DNS with. I just upgraded to the XG Firewall only to find it's not there, now time to roll back to UTM9. Could you please add this back in?

Would be better if an admin can view the active flags in a security policy. This will be usefull for example to know when a policy is using a NAT policy or have Web Filter policy active. The best option would be a customizable view where the admin can choose what flags want to view.

A great feature in cyberoam was the ability to change webfilter/App filter for a user or group in the identity section.

With XG that good option was left off, allowing only firewall rule based webfilter/App filter application as competitors do.

Please bring back that feature which made Cyberoam so popular.

when creating a new policy rule and choosing an IP host or a host group, it would be nice if you could hover of the name of the group and pop up the address(es) of that host or group.

I can't be the only one who sometimes names things poorly and would like to verify the correct address before creating the rule

The XG Firewall installer should allow me to configure the IP address that I want to use on my LAN, so I can easily integrate it into my existing network.

During the initial install, Sophos XG chooses the interfaces on its own. User should be able to decide which interface to use.

Also basic setup is the only option someone can do to configure WAN port in order to register device. This would also be nice to choose the interface to use.

Add Registration log to console menu to permit user to see the logs regarding registration errors. At the moment I am unable to register the device, it was difficult to track down log messages.

It would be nice if we were able to change the hostname when configuring the Sophos XG Firewall. One of the major reasons is unless you create a certificate with a common name of "localhost", the hostname on the certificate and the appliance will never match.

In Sophos UTM there was an option to allow specific user groups to override a URL block under Web Filtering. This was really useful for educational environments so our teachers could bypass unintentional blocks for kids. Please bring it back! :)

Port forwarding configuration is confusing at best.

In the log viewer, you have to choose the log View what you want to view for System, Web Filter, .. etc.
Because of you can add filter options like an IP address, would be better if you can see all logs related with that filter at the same time.