XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

XG Firewall

Suggest, discuss, and vote on new ideas for Sophos XG Firewall. The next thing in next-gen.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Radius 802.1x Authentication on RED Ethernet Ports

    Control the Network Access on RED Devices on the Ethernet Ports.

    If deployed in, for example, a home-office I cant control the Network Access for devices that are not company owned devices.

    Right now the only possibility is sophos endpoint, but then I cant use IP Phones or any other non Windows/Linux/Mac device.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  2. SSL VPN able to reach computer devices by computer hostname

    Once connected to SSL VPN, user will still be able to reach internal computer or server by hostname

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  3. User activity connection polling after SSL VPN or Sophos Connect IPSEC

    User activity connection polling after SSL VPN or Sophos Connect IPSEC

    Remote workers with a full TUNEL connection forget to turn off the VPN even though they are done. Consequently, an unnecessary connection is created on Sophos.

    Users who have a Full TUNEL connection with Sophos VPN or Sophos Connect can be notified in the computer application once an hour or at specified periods.

    The connection can be terminated with the user's option of not continuing to work.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  4. SSL VPN Client Error Disabled State

    SSL VPN client not getting disconnected automatically after internet disconnection. Hence it is going in error disabled state and user has to restart their pc to connect to VPN. It should be disconnected automatically once internet connection goes off.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  5. SSL VPN Client Error Disabled State

    SSL VPN client not getting disconnected automatically after internet disconnection. Hence it is going in error disabled state and user has to restart their pc to connect to VPN. It should be disconnected automatically once internet connection goes off.

    0 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  6. L2TP notifications separate from IPsec notification

    Previously, in v17, enabling notification for IPSEC VPN would only send alerts for IPSEC tunnels. Once we upgraded to v18, we noticed that we were receiving alerts when a remote user connects using L2TP too. Ideally more granular alert options are enabled for VPNs, so that we can disable L2TP alerts.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  7. SSL VPN Port 8443

    I created a port forwarding rule from external port 8443 to internal 443, without thinking that SSL VPN is using 8443 already. XG is not complaining about this and creates the rule. So VPN is not working any more. It could be helpful if XG firewall would show a warning or an error before saving this to running config.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  8. Domain Name by SSL Policy

    It would be great to have the possibility to add différents Domain Name by VPN policy, for case of Firewall mutualisation for various customer with multiple AD

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  9. Allow in SSL VPN to be able to put the fixed ip to a client.

    Allow in SSL VPN to be able to put the fixed ip to a client.

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  10. Separate VPN alerts from system events

    Currently, all VPN established and terminated events are reported to Sophos Central as system events. This means that the normal behaviour of users logging in and out of a dial-up VPN is given the same alert treatment as a critical CPU, memory or disk event.

    Please provide additional granularity under System Services - Log Settings and under System Services - Notification list so that VPN established and terminated events can be treated separately from other events and, in particular, that dial-in VPN events can be treated differently from fixed link VPNs. (We would want to raise an incident if a…

    9 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  11. RED - Changing/Adding Red Configurations/Prevent other REDs device disconnections

    When dealing with multiple REDs devices, it would be important not to drop the connection of existing REDs devices when changing/adding a RED configuration. Currently, if you change/add a red configuration, as soon as you save, all RED connections drops for a few seconds and affects all remote offices for connection-sensitive applications/processes (like Remote Desktop).

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  12. Sophos XG, RED Monitoring

    Hello,

    We have Sophos XG 135 and 4 RED Devices. I built a crash scenarios when Internet connection of RED Devices is unsuccessful by adding 4G router before the RED.
    1. Sophos XG 135 sends email notifications but this is not enough for me as it sends them only to one email address. In Administration => Notification settings => Email settings.
    a. Proposal 1: Sending an email to more than one specific recipient. For example: Administrator who is responsible for the internet connection should receive notifications only for the internet connection. Variables that can be corrected should be added to…

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  13. usable VPN App for Android

    We need a VPN app for Android that can be distributed and configured via Sophos Central and can connect to an XG. This must be able to handle "VPN on demand" (Android Enterprise).
    Central can already distribute certificates via SCEP, but neither the XG nor Central can create a useful, secure, easy-to-use VPN configuration for Android.
    This is ridiculous

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  14. 1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  15. Sophos Connect Client integration with Mac to allow SSL VPN config

    Sophos Connect Client 2.1 integration with Mac to allow SSL VPN config. This currently works great on Windows but is not supported on Macs yet. Why not? Please keep me posted if this changes in the next MR for the XG.

    7 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  16. Auto-reconnect feature for Sophos Connect

    For remote access VPN, when the internet connection fluctuates, the VPN disconnects and users need to re-enter their credentials to connect again. It would be great if there was an auto-reconnect feature which would allow the VPN to reconnect automatically without user intervention when the internet is stable again.

    14 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  17. SSLVPN on ARM processor

    New notebooks are now based on ARM processors and they are not able to support SSLVPN

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  18. Ignore vendor-id check in site-to-site tunnel configuration

    To configure an IPSEC site-to-site tunnel, when the remote vendor ID does not match the remote IP address, this needs to be manually searched for in the strongwan.log file and inputted in the configuration for the tunnel to be established. It would be great if we had the option to ignore this check from the firewall.

    9 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  19. SSL VPN

    when access VPN --> Show VPN Setting then select SSL VPN and try to modify any setting related to Port or Override Hostname, then click on apply

    nothing happened, there is no any notification to say this changes applied or failed

    the current version is SFOS 18.0.4 MR-4

    any help please

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
  20. Application Based Split Tunneling

    Ability to exclude specific Subnets or Applications from a Full Tunnel Sophos Connect VPN Connection.

    Described at the Microsoft page here. -> https://docs.microsoft.com/en-us/microsoft-365/enterprise/microsoft-365-vpn-implement-split-tunnel?view=o365-worldwide#2-vpn-forced-tunnel-with-a-small-number-of-trusted-exceptions

    8 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  VPN and RED  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 13 14
  • Don't see your idea?

Feedback and Knowledge Base

icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.