The idea is to block by default certain file types, and instaed of just blocking, I would like to add the possibility to download them, by using an admin password, this way, when the user faces this, an Admin can go and type the password to download the file.

I already saw this working on other vendor, but do not rember which one...

Diagnostics/Troubleshooting

Able to block file-transfer in Anydesk

Hello Team,

We have customer here requesting to have on XG firewall an option to assign each user for SSL VPN remote for specific WAN interface if XG has multiple ISP

It would be helpful to be able to view multiple firewall rules in the gui log viewer filter portal simultaneously. Current behavior is only a single firewall rule can be in the filter at a time.

The SATC solution doesn't work on RDS/Citrix server in combination with the Sophos Central Endpoint with the Web Protection feature enabled.

kindly add loopback interface and ip sla features in v18. loopback interface is need to use in bgp and "ip sla" is needed for link high lentency failover.

The L2TP VPN currently does not allow multiple users connecting from behind the same NAT address. This adversely affects people attending a meeting or conference away from the business as only one attendee can use the VPN at a time. It also means that the first user is disconnected without warning when a second user attempts to connect.

IPS Policy rules category for Linux based Web Servers.
Select rules category to apply for Linux Based Web servers.

Hello Team,

We have customer here requesting to have option under reporting to generate top 20 Web Users showing the amount of data used and active time spent. For your assistance please.
Thank You.

i want Sophos ssl vpn auto reconnect when restart pc .that feature was availble on cyberoam but its not working on sophos .

please kindly add this feature on next firmware.

Hardware OTP tokens are currently only supported with SHA1 algorithm on XG firewalls. An option like in SG to change the algorithm between SHA1/SHA256/SHA512 on a per-token base would be very useful.

OpenVPN wants to be able to store passwords, just like the Sophos Connect client.
Please improve.

Remote VPN supports IPsec and SSL-VPN.
SSL-VPN can specify a segment with a 20-bit mask, but IPsec cannot specify a 20-bit mask.
I want to be able to specify other than 24-bit mask in IPsec.
Please improve.

It would be very helpful if the logging from all modules would be available in one pane, one line per connection with all info from all modules.

Hi, Can SNMP OIDS be added for below please?

• Internet connection status - status of gateways


• Status of ports


• Status of ipsec tunnels

thanks

Actual, when you choose "Create firewall rule" in IPSec Config, one rule from zone any to zone any is created.

it would be much better, when a rule for each direction is created, in the first rule: souce zone vpn, in the second rule: dst zone vpn.

when you build an ipsec tunnel from 10/8 to 10/8, your internal traffic would now be allowed too, when you use multiple 10/8 networks.

At the moment there is no way to redirect HTTP to HTTPS automatically for User Portal. Since the configuration is inside a APACHE httpd.conf file, it should not be difficult to implement it. Thanks

DNAT linked nat rule.

The DNAT itself was best in 17.5 and will not require any additional changes. With current XG18 scenario please enable at least DNAT linked nat rule.