Need the ability to have Policy Tester use MAC address or host name as well as IP address. Currently it only returns true results if an IP address is explicitly part of a rule, i.e. the host name being affected is defined by its IP address and not its MAC address.

once delete the gateway, all SD-WAN policies that using this gateway as the primary gateway will be removed at the same time without any prompt.
if you delte the gateway as a backup gateway, In sd-wan policy will become None, thay very friendly.

The "Primary gateway" and "Backup gateway" in the SD-WAN function are important attributes, but they cannot be displayed intuitively in the SD-WAN policy summary page. You need to click in to see them. The user feels very inconvenient.

It would be very helpful if the logging from all modules would be available in one pane, one line per connection with all info from all modules.

At the moment there is no way to redirect HTTP to HTTPS automatically for User Portal. Since the configuration is inside a APACHE httpd.conf file, it should not be difficult to implement it. Thanks

DNAT linked nat rule.

The DNAT itself was best in 17.5 and will not require any additional changes. With current XG18 scenario please enable at least DNAT linked nat rule.

v16 had a nice and simple wizard to use. With v18, the DNAT wizard is poor in terms of graphics and options you can select. WAF has became a action and customers are not able to find without asking or google it. Please bring the "old" wizard and the old different icons, as the idea of having different icons and wizard was nice. I also suggest to have a wizard for SD-WAN inside firewall policy. You can change Firewall tab to Policy Tab.

Please, Allow the creation of Application based Rules just like with any NGFW competitor.

Currently on XG v18 you need to setup the service, then the web filter, and for last setup a Application filter just to block/allow something.

Allowing to create the Rule directly based on the application instead of the service would allow for much better management of Sophos XG.

Add local service ACL exception rule to allow for a custom service to be added and selected. i.e.: Ubiquiti discovery service UDP 10001 ACL exception for device access.

Working with the XG DHCP-Services is quit exhausting. It could be much easier if there were a possibility at the IPv4- and IPv6-Lease-List to change an existing dynamic Lease to a static IP/MAC-Mapping.
Additionally a kind of "sticky" DHCP Mapping - were devices get always the same IP-address as long as the range is not exhausted - would make troubleshooting much easier!

When you are configuring something using the web interface you can't see the firewall name unless you are in the dashboard. It would be nice to have the firewall name at the top of the web page.

Can you show Network Interface up/down status at Main/First Screen
(Control Center --> Interface)

Can we please increase the size of the box used to show the Firewall rules to something larger that 5 rules?

Making it expandable either manually or automatically as you expand or collapse rules..

Please add the modification for hotspot voucher templets and captive portal registration page

Please integrate Let's Encrypt. I remember an anouncement at one of the first XG Roadshows that new features will be provided for xg and later maybe for sg. But SG gets Let's Encrypt first and un XG we waiting for it since years....

Unless I'm mistaken, experience taught me that restoring from backup will not re-populate reserved IP addresses based on MAC.
This, combined with the manual-only method of entering reserved IP's makes for a lot of work in situations where a long list of reserved IP's exist and need to be kept.
Could this please be reviewed?

Hello all, could you add the option to turn on/turn off an IPv4 unicast route? UTM v9 has had this feature for years and I think for many reasons other administrators would welcome it too.

Thank you in advance
alda

Sophos XG should display the Name of Exception on results of Policy Tester.
If You test a policy, the result show only which exceptions skips is applied.
So, will be very nice if show the name of Exception to troubleshooting.