Route based VPN in XG Firewall
Route based VPN is a very much required feature in XG Firewall. Lot of Cyberoam customers are using this feature, primarily for MPLS to VPN failover using Dynamic Routing. In multi-branch scenario, Sophos cloud is a great solution with Synchronized security. But customers who are using Route based feature are not able to upgrade their Cyberoam devices to SF-OS because of the feature lack.
Unfortunately without route based VPN on the Sophos UTM or XG Firewall, it's impossible to recommend this solution for any Azure project. This is very sad and I hope it will soon be implemented
Come on already Sophos, stuck with 100mbits policy based vpn on Azure, and can't take advantage of 1Gbps and up with route based on Azure.
yoshiyuki wada commented
we really need for customer requirement.
Hi folks, I'm totally agree with this.
Currently I have several Cyberoam devices using this feature. And I was informed about some bugs on CROS that will not fixed. (Informed by support team). And I need to move to SFOS.
But why will I move to SFOS if it does not support all Cyberoam features?
Thisd feature shoud be implemented a long time ago .. since is a feature from Cyberoam devices!!!
Now I need stay with CROS (with bugs) because the product manager does not approve it.
Sean F. commented
We are about to replace a firewall for a client, and wanted to quote Sophos. Will most likely have to go with a different vendor because of the lack of route-based vpn feature
Guilherme Queiroz commented
We really need it.
This is a big let down when it comes to doing failover for VPN tunnels for Sophos XG. Not only the tunnel does not revert to its primary WAN interface, we have to disable and reenable the Failover group status for the tunnel to be established via Primary WAN interface.
Its no much easy to use Fortigate to do this as it has route based and both tunnel can be active-active but have primary tunnel have shorter route compare to the secondary tunnel
Rogerio Lucio Cardoso Pinho commented
We use this feature to our customers who have Fortigate. Currently we offer Sophos XG, but this feature is really useful.
We need it