At the moment, there is no way to disable/enable an interface inside SFOS.
Strange!Even using CLI menu.
This is a high priority feature, and will likely be targeted as soon as possible after v17 ships, though it is not yet committed to a release.
ain't this already possible by using ifconfig <interface> down/up command?
Marcel Kamenz commented
please put on the roadmap!
This is in an other Request: https://ideas.sophos.com/forums/330219-xg-firewall/suggestions/10615068-enable-disable-interface
Phil Brett commented
Additionally "Alias" enable/disable would be ideal as it is supported in UTM as well as interface enable/disable. This allows for preconfiguration of all Webserver and NAT policies when configured alongside UTM (or other firewall) ready for transition to XG.
Mohammed Elglaind commented
any update ?
This has been an issue since 2015?! Wow...
We migrated from fortigate to sophos due to cost and now we understand what we are missing
The ports under network must be able to disable or switch administratively up/down will be a added advantage.
Is there still no way to release and renew the WAN IP? many ISP's periodically refresh the IP assigned and, in my case, the appliance will not release the old IP and it is essentially causes the interface to appear as failed.
I simple poke to the INT port would be enough to tell if the port was down and then cause it to do an DHCP renew.
anything would be better than what is currently in place
Bruce Kennedy commented
Any update on this feature? one would expect this to be a standard option??
and you loose all the details saved.
Related with -> Rename/Comment Physical Interface objects feature request:
You can disable an interface by settings its zone to 'None' on the interface menu.
This also causes an issue inside Firewall Manager. It thinks your unused ports on the UTM are down, therefore throwing an alarm