XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Ability to Ping actual RED IP

    It would be good to have an IP address on the actual RED itself that can be ping'd from a management system to get some idea of online status. I've just discovered that the interface IP for a RED appears on the XG and not on the RED. I.e. if you turn off the red, you can still ping the interface IP for that particular RED.

    Apart from email notifications or checking the XG GUI, there appears to be no way from a central point (e.g. SNMP monitor) that a RED is online/offline etc.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  2. Ability to see status of cellular interface

    The ability to see the status of the cellular interface to ensure that it is registered/connected to the cellular network as well as signal strength to aid in general troubleshooting (e.g. -65dBm, Idle or similar) (not just when the RED is running on cellular failover) as well as initial device placement etc.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  3. Option to monitor health of RED via SNMP

    The option to monitor the health of RED via SNMP. Specifically individual port traffic on the RED itself (not just the single RED interface on the XG) as well as WAN and failover status so that a site does not inadvertently get 'stuck' in failover mode and consume excessive cellular data.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  4. Use LTE connectivity instead of only 3G/GSM/UMTS on RED

    I noticed that when configuring a 3G/UMTS failover for a RED appliance even with using a Sophos 3G/4G expansion module module, that there is no option to actually use LTE connectivity, only GSM exists at this time it would seem.

    Support has confirmed in fact that the failover is in fact only GSM = 3G UMTS

    It would be good for RED to use or have the option to use LTE connectivity given that GSM/3G/UMTS is yesterday technology and 3G in my country has its days numbered (3G network closure announced for 2024).

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  5. Create a schedule to turn SSL Site to Site VPN on and Off

    Some of the competitors allow for Site to Site VPN connections to be turned on and off by schedule. For example, nights and weekends when people arent using the connections. That would be good for small offices.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  6. The internet is not accessible for the remote machines which connected behind RED-15 machine while XG is down

    Kindly allow the traffic for the RED-15 appliance as a switch while it is not connecting to XG.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  7. Ampliar rutas máximas con Sophos Connect

    Poder tener más de 100 rutas configuradas con Sophos Connect ya que actualmente solo permite 100 o poder modificarlo manualemente en la configuración.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  8. Resizing vnc-HTML5 screen resolution

    Hope that sophos improve the auto-resizing screen resolution when you connect through html5 to a vnc pc

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  9. L2VPN

    More and more companies implement DR and multi site. L2VPN allows simple networking for cloud and server.

    2 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  10. chromebook ssl vpn - openvpn implementation

    Maybe have your developers put together a chromebook client package for the SSL vpn. There's one for Windows, OSX and I haven't tried but suspect openvpn on Linux would be fairly easy to get working. Or maybe make a small change in the firewall which would allow the addition of at least a second protocol and port for the SSL vpn (UDP, 1194 specifically).

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  11. XG Client to Third-Party Private VPN Service

    We need the ability to connect the Sophos XG to a third party private VPN service (NordVPN, PIA, Proton VPN). The XG would function as a client connecting to the service.

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  12. Restrict VPN access only to devices that are in a specific domain, or that have Sophos Antivirus installed

    Today, if the user downloads the VPN application, he can install it on a personal computer, which should not have this access and in this way, it would be another point of security for companies that only the company's computers have. access, or just the equipment that has Sophos antivirus, which could be validated through heartbit security

    8 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  13. Allow to define at what time the user can connect via SSL VPN

    Today too many companies need to define at what time the user can connect via SSL VPN, for example, users can only connect during business hours from Monday to Friday

    6 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  14. L2TP VPN - Enable OTP

    We have purchased XG firewall for our customers in order to further secure their VPN tunnels by implementing OTP in addition.
    They have been using L2TP tunnels created using the native VPN provided with Windows 10 - very convenient and easy to use and also supports IPsec PSK's too.
    However, XG firewall DOES NOT support L2TP when enabling OTP / MFA.
    OTP works fine with the portal and enables syncing the OTP generator, but does not need the OTP pin when connecting the L2TP VPN - i.e. L2TP VPN continues to work as before.
    I was trying to avoid installing…

    3 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  15. Multiple VPN gateway for Sophos connect

    In instances where thousands of users need to connect to the company network especially now that a lot of users are WFH . It would be great to utilize multiple ISP links available when connecting to the company network. This will enable for creation of different profiles for different company sections while at the same time eliminating the single point of failure

    12 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  16. RA VPN enhancements

    VPN agent must have functionality:
    > Scan/read OS patch status, version.
    > AV agent name, version.
    > Windows FW & Defender status.
    > Logon history tab, so that user will know who and when was previous logon done from their system, agent must also fetch from NGFW, is there any other user logged in from same account from a different machine. This also helps in identifying unauthorized logon attepts.
    > Diagnostic tab on VPN agent similar to XG for TShoot.
    > Dark Theme UI.
    > If multiple ADs are configured and those ADs have diferent domains then VPN agent must…

    18 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  17. IPSEC interface tunnel is hided on LAG port

    When I established IP Sec tunnel Interaface with LAG on WAN, they can't show Virtual Interface of IPSEC tunnel. Please update to show ít on LAG port.

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  18. IPSEC interface tunnel is hided on LAG port

    When I established IP Sec tunnel Interaface with LAG on WAN, they can't show Virtual Interface of IPSEC tunnel. Please update to show ít on LAG port.

    0 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  19. RED Tunnel Sorting improvements

    Please improve numbering and allow sorting and filtering of RED tunnels so that they are no longer listed in the order of 1, 10, 11,100,101, 102,..., 198, 199, 2, 20, 200, ...
    When I list my REDs on 17 it is by tunnel ID sorted similar to above.

    When I look at the sorting in version 18.0.1, it shows the Branch Name, the tunnel ID is now invisible, but, the hidden tunnel ID is still the information that RED's are sorted by.

    You could add leading 0(s) to the 1 and 2 numbers numbers and show the Tunnel ID in…

    1 vote
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  20. sophos connect

    Can we've an option to integrate AD with Sophos Connect same as SSL VPN?

    4 votes
    Sign in Sign in with Log in with your Sophos ID
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 11 12
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.