Ability to bind SSL VPN to a single interface.

Currently when SSLVPN is enabled it listens on all interfaces regardless of what is set in Local ACL's.

We need the ability to bind this to a single interface, if we use port 443 for SSL VPN as many want to it limits our ability to run WAF/DNAT for web servers on separate interfaces on 443.

In the current implementation we are unable to select groups in the "Allowed users" field. Selecting groups would vastly improve time spent rolling Sophos Connect out for our pilot users.

I bet a lot of other customers also use LDAP against their domain to fetch users from there. Having to maintain pilot users two places makes this a headache.

Thanks

I would like to see a SSl VPN client that does not require reinstalling the application after every config change. The SSL VPN client config should be updating when it connects after a modification is made.

I have a webserver with SSL enabled, but I want also the SSL-VPN server at the same port (TCP,443) since this port is not blocking at the most firewalls.

I know it is technical possible, with "port share" in the VPN-Server-Config.

Regards,
Marc

Add ability for an Administrator to view and download SSL VPN configurations of users. Additionally make windows configurations available as .ovpn files as well as the 'executable'

I would like to have a report for the use of ssl vpn with duration and time.

MacOS users with the newest version of Tunnelblick are starting to experience compatibility issues with the current OpenVPN version used by SSL VPN.
Specifically comp-lzo is deprecated. See the same idea for UTM

With SG you can configure IPSec site to site using LAN interfaces but with XG you only can configure IPSec site to site over a WAN zone interface. Please allow to do it also over LAN zone interfaces. Thanks

I would like to see WireGuard added as VPN option since it is mote secure, lightweight and modern compared to the current available options.

It would save a lot of client frustration if there was a mechanism built into the Sophos Connect client that allowed users to securely reset their AD account password in the event that it has expired.

It's very disapointing not to be able to WoL all the computers on our LANs. We use WoL to update OS during the night but since we have XG, we can't do it anymore.

Please implement the possibility to send a Wake On LAN (WOL) to computers behind RED devices.

We have networked our branch offices with RED devices. In order to be able to service these computers during a maintenance window (e.g. for the installation of updates) they must be able to be started via Wake On LAN. Unfortunately this is not possible at the moment!

Would be usefull in SSL VPN, that you can have the possibility to override hostname, with multiple records.
Now we do this by manually changing the configuration file.
FE:
remote isp1.dns.com 8443
remote isp2.dns.com 8443

I would like to auto login sophos ssl vpn before windows login like cisco anyconnect to enable remote user get connectivity AD for password resat..

A feature to make an active/active (load balance/HA) VPN over IPsec, in this moment only failover is possible.

Currently, if a company has a pool of laptops to be handed out by users that have the SSL VPN client installed, they cannot log into the SSL VPN client without first logging into the user portal and then downloading the configuration for their particular user. It would be nice to have one VPN client install and if the user is a member of a particular security group, be able to log in using the installed VPN client software.

Sophos Connect IPSec Client should have a possibility to execute a loginscript after successfull connection for mapping network drives. (for example like Sonicwall VPN Client)
or possibility to execute a script on the client side.

Hello Team,

We have customer here requesting to have feature for XG SSL VPN Site To Site to assign traffic to specific WAN interface. For your assistance please. Thank You

While configuring / setting up IPSec VPN Tunnel, there is no option to allocate bandwidth.
Please add this feature as this'll help to manage traffic and available bandwidth.

There are instances where the users at Branch / Vendor site complain they are getting slow connections to the resources in HO. There is no way we can check how much bandwidth is being used by IPSec Tunnel and we can not change the same.