Currently it is needed create one Community to each specific IP address.
It is impossible create two 'Public' communities by example to two different IP address or create a single Community String for any (0.0.0.0) Ip address.
As it is right now you must assign an ip address to an interface and then add vlans. doesn't allow you to just assign vlans.262 votes
Add support to rename Policy rules name, IPSEC and SSL VPN tunnels name, Webfilter Policy and Category objects, Application Policy and Category objects, QOS rules and all other items.
This will Improve the management, it must be default to all objects. Currently to fix a simple typo error, we must to create a new policy or category and populate all items again. A simple task can turn into a hard task.
This will be implemented in a future release. It is being included as part of a larger project, to generally improve configuration capabilities across the product. Version for release is not yet confirmed.
Add support to change SSH port access.
Add support to create SSL VPN connection to users from the specific Windows AD Group without needed to this user need login (By Captive Portal or Sophos Client) and after that associate the VPN policy.
Today, If I have a specific group from Windows AD dedicated only to VPN users, I do not get associate VPN policy to these user if they do not login first by captive portal, Sophos client or SSO, after that I can associate it into a VPN policy. But if these users do not have HTTP access, I cannot set VPN policy.
Add support SNMP via VPN without add static routes. This could be as SSH via VPN, only choose a checkbox allowing or deny the service.
Today it is needed add static route pointing to tunnel name.
This should be addressed, as part of our improvements to VPN tunnel capabilities in v17.
What we will do:
Allow XG software installer to run on XG hardware appliances, after removing current partitions (same option as UTM9)
What we are not planning:
We will not allow software install to run trivially on a system currently installed with XG.
We will not make any effort to support on-system wireless, on software installs.
The system will not report itself in any way as an XG appliance, inside the OS.
As a firewall administrator, I want the ability to adjust column width and column ordering in any log display in order to have better visibility of data I am monitoring for.
As it stands, the log display grid is not intuitive, and requires scrolling down to get to the horizontal scroll before you scroll back up to see data.
(Can be applied anywhere there is a grid display too.)45 votes
I have a very good SMB sized hardware that I use with dual core 2 gig ram ATOM processor. work well for sites with less than 100mb internet. now I cant use SFOS because it says its x86_64 only... Please allow a i686 build3 votes
At home USB NICs are ideal. Exactly the same problem we had in UTM9. Link below.283 votes
This feature is under consideration for a future release, though a target version or timeframe is not yet set.
At the moment understand what's going on is very HARD. Live logs are missing and notepad on every section is missing.
Add live log and allow admins to configure itself coloured live logs (globally or on single windows?). In this way logs have different level of importance and Admins can better understand if they need to worry about or not. For example allows Admins to set red for high-risk/denied traffic/system error, yellow for warning/natted/or whatever and so on.
I really love the live log on Firewall section of UTM9 where reading what's happen is very very easy.405 votes
Live logging in a popout window, and with color coded log lines, was released in v16. Further enhancements, such as a historical logs, a unified log viewer, and improvement of the contents within the logs is planned for v17.
At the moment, there is no way to disable/enable an interface inside SFOS.
Strange!Even using CLI menu.399 votes
This is a high priority feature, and will likely be targeted as soon as possible after v17 ships, though it is not yet committed to a release.
- Don't see your idea?