Add the ability to clone NAT rules

When the XG is reporting to SNMP, view in the SNMP the interface name, desciption or branche name. Ej.
SDRED, interface reds1, branch name: Detroit Officces.
View in SNMP Detroit Offices no the interface name (reds1)

The web path /error/README is accessible from the User Portal URL and it displays the multi language custom error documents information. Pages like this are irrelevant and is not required for the User Portal to function correctly. Though unlikely that this will result in a successful attack, it still provides information to potential attackers about the system.

Removal of pages like this is appreciated.

Please add timing/schedule feature for SD-WAN policy routing configurations. Because there are several cases of traffic being passed on a certain line at a certain time.

This is most basic feature when internet provider or law enforcement institution request to block or identify user that was making illegal network activity during specified time. There is option to filter by source port, but no way to jump to a specific time frame directly, making search very complicated and time wasteful.

It would be great if the DHCP table would check the MAC Vendor and Display it.

This would make identifying certain devices in a Network so much easier.

Small solutions like a WLAN Router or bigger solutions like certain Firewalls have this feature but Sophos XG is lacking it.

Thank you beforehand.

Sophos XG210 failure to do Multiple NAT rules on IPsec Site-to-site VPN

Description:

We want to configure multiple NAT rules on IPsec site-to-site VPNs and the firewall only supports one NAT rule on each VPN. Please can we have advice on how to resolve this.

Please refer to case:ref:00D301GN6a.5003Z1DegHy:ref where support mentioned is not supported at this stage.

Also look at a previous request on this:
https://community.sophos.com/sophos-xg-firewall/f/discussions/84062/multiple-nat-on-single-ipsec-tunnel

All password fields within the XG should notify the user of the input restraints they have. They should notify a user of the min-max length.

DHCP Options configurable from the GUI (as they are in UTM 9.x) needs to be implemented in XG or it remains an incomplete product.

Why? One big reason, when managing multiple DHCP scopes, it is inefficient in CLI, need to be able to control this visually. We are managing more and more devices every day in small partner companys, we dont have time to go into CLI mode and make these changes, but a GUI makes it quick and clean to add/modify Voice DHCP Options and more.

Should be in there!

Some network equipment vendors provide zero interval icmp or tcp ping in the os. This will ping at a rate only limited by the response time of the destination with no delay enforced between pings. This is valuable for identifying packet loss due to problematic cabling or links missed by rate limited ping. At remote offices during diagnostics where this is also not available in the switch it's convenient to have it in the firewall/router rather than having to access a local computer to run psping (-i 0) or similar tool.

Sehr geehrte Sophos XG-Team,

könnt ihr BITTE BITTE die Suchfunktion beim erstellen von Firewallregeln o.ä. endlich auf eine Volltextsuche umstellen ?

Es ist extrem nervig, das hier keine Volltextsuche funktioniert.

Sehr geehrte Sophos XG-Team,

könnt ihr BITTE BITTE die Suchfunktion beim erstellen von Firewallregeln o.ä. endlich auf eine Volltextsuche umstellen ?

Es ist extrem nervig, das hier keine Volltextsuche funktioniert.

It would be excellent if there could be a tab under "current activities" that showed a real time bandwidth monitor that updated every few seconds. This would include all the WAN interfaces showing at the same time in a line graph format. It could carry over the "interface name" so you knew which ISP was taking up bandwidth for better diagnosis of bandwidth usage.

My institution would use such a screen all day. We have had several products in previous years that had such real time graphs.

The Sophos role base profile when created and assigned to a user with very limited access privileges, the same user upon login-in can see all possible menu options available to the administrator access of the appliance. The user should only be shown the main menus (left hand side) to which it had been allowed access to. The same used to work with cyberoam but not with sophos which is supposed to be a much evolved product.

The Sophos role base profile when created and assigned to a user with very limited access privileges, the same user upon login-in can see all possible menu options available to the administrator access of the appliance. The user should only be shown the main menus (left hand side) to which it had been allowed access to. The same used to work with cyberoam but not with sophos which is supposed to be a much evolved product.