Allow wildcard domains for enforced TLS when sending email. e.g. Force TLS to all *.gov.uk domains.

UTM had the option to create multiple Sophos Connect policies for managing configuration files from the GUI. Each policy could have customised settings relevant to that connection.

Now you're required to download the Connect Admin tool to configure basic things like 'Allowed Local Network(s)', Client DNS Suffix, Auto-Connect Tunnel etc. etc.

This should be added to the WebAdmin GUI like it was in UTM.

Being that the SSLVPN is based on OpenVPN could you please add a freeform text field to the SSLVPN page under Advanced that would allow us to enter custom server configuration parameters? Better still would be the ability to view and edit the entire config file itself but that may be asking a bit much.

It would be really awesome if you could add the Alternate Shell parameter to the RDP Bookmark setup so we can have an RDP bookmark that launches a shared application on a server. Since you took away our HTTPS bookmarks this is our only real alternative, to share a browser application via RDP that points to the website we wish to publish a bookmark to.

When you create a profile to allow an Admin User to connect VPN tunnels that does not apply to the SSLVPN tunnels, only IPSec. Either create a separate SSLVPN category or add a line for it, or simply include it in the generic "Connect tunnel" right.

Would be awesome if we could specify a file as the initial directory so a bookmark could be used to download a single file such as a Mac VPN client directly from a share or FTP folder.

Please add the ability to configure/deconfigure ports as Discover/TAP ports from the UI.

couldn't been able to fetch report of mac-bind users, as we are using windows dhcp, so if you can allow web usage report of mac-bind devices,

Hi,

In the Control Center the VPN status is displayed as "down" even if the VPN is part of a failover group.

I believe a vpn should only have its status changed to down if it is a vpn active by the administrator and not part of a failover group.

Currently, the ability to customise the Webserver Protection block page messages is not present.

When the WAF (Web application Firewall) blocks a page, it returns 'page cannot be display'. This should be customisable.

The AntiVirus engine on the WAF should also be customisable on the block page returned.

Need Report to Get Details about which VPN User Logged in With TimeStamp, Source IP Address, and Resources accessed during the remote Session.

Please provide an option where everyone can add their own favourite DDNS provider. Just a provider field and query url text box as input would do. This works fine for Synology DSM.

Query URL Variables:
HOSTNAME: Hostname
MYIP: IPv4 address
USERNAME: Username/Email
PASSWORD: Password/Key

Example:
Service provider: provider_XYZ
Query URL:
https://ddns.provider.org/update?hostname=HOSTNAME&myip=MYIP

This is regarding your service request number 9358300.

Just to reiterate, we have taken the following steps to resolve the issue:

1. You reported the reports for WAN usage filtered for monthly is difficult to understand as the scaling is large Due to which you are not able to read the reports




2. Guided you that the feature you are requesting is handled by development team and to place a feature request at ideas.sophos.com

Im Punkt Sicherung & Firmware unter dem Tab Firmware gibt es die Möglichkeit die Sophos XG zurückzusetzen, ich halte es gefährlich das man hier die Sprache auswählen darf, denn es kann im "Eifer des Gefechts" passieren, das man denkt das man hier die Systemsprache der Sophos XG ändern kann, dabei setzt man das ganze Gerät zurück, vielleicht sollte man, wenn überhaupt die Sprache nach dem Drücken auf Übernehmen setzen lassen.

Recently we have create a new ticket with Sophos support (#9307623) and they confirm that 'at a time a user would be part of one group'. It leads us to the hard way when having 2 websites which are needed to be authenticated with 2 domain groups, and from them, we have multipla users who are belonged to these 2 groups as well. Therefore, we can not separate to authencate these ones properly.

I suggest Sophos should improve this feature to make customers easy to configure many authenticated websites appropriately.

Thanks.

Hot Spot to be able to Authenticate from Routed IP subnet. Subnet that differs from hostspot interface IP Subnet.

we need the feauture that we can tunnel the System-traffic like Pattern Updates , U2Date etc. through the upstream proxy.

Unfortunately, this is currently not possible

A more granular permission setting than read-only and read/write in web- and content filtering would be great: distinguishing between ADDING a new category, activity or URL to a web policy or REMOVING an already existing one is often needed by clients.