The Sophos XG 201 recently purchased has the network driver manufacturer intel i40e version 1.1.23 dated 2014-11-03 more that 3 years old. Please update this to the driver intel manufacturer i40e 2.0.23 dated 2017-04-12.
The issue is that oue twiaxial wire connection is set in the sophos as unrecognized is a DEM-CB100S Dlink manufacturer and sophos set it to as I said unrecognized2 votes
All of the zones of the VPN of the connection destination are the same and different policies can not be written.9 votes
IPv6 MLD2 support4 votes
The ability to ignore Logoff requests issued by RADIUS accounting - similar to the feature found in STAS. This is because many wifi providers issue STOP frames as devices roam to RADIUS Accounting, which can cause temporary internet disconnections when roaming.4 votes
Can a feature/checkbox be added to auto-launch the VPN client upon successful authentication to the User Portal? This would simplify the user experience so they only have to login via a web-browser and not actually start a client first. Sonicwall can do this with NetExtender and simple check-box "Launch VPN Client after login".5 votes
XG does not have a anti-portscan feature. Please vote it!387 votes
It would be really nice to have a chrome extension for the XG firewall to identify a Chrome user using a Chromebook. This way we could identify user or Group to use certain rule sets. This would also be great reporting purposes.20 votes
Allowing to set application bandwidth based on the percentage of the WAN bandwidth available will make enable copying configs from firewalls with different total WAN bandwidth. Moreover will make it a less hassle to upgrade or downgrade WAN bandwidth in the future. This feature would greatly enhance the settings for MSPs or vendors who send out pre-configured firewalls.30 votes
Smtp malware scanning support with add user/network policy
Not scan smtp malware with user / network policy.
I want this function to be supported5 votes
For Sophos XG:
Routers like OpenWRT do not know the IP address when a client connects and can only report the MAC to the firewall. If this firewall is also serving as a DHCP, it can match the MACs ( from accounting message and IP lease) and thus, the Framed-IP-Address attribute is not required any more.5 votes
Couldn't find it previously suggested, so want to throw this in the mix. It would be awesome if we could host WPAD file locally on the XG unit. If I missed it in the documentation I'd appreciate if someone corrected me.22 votes
It would be useful to be able to create hotspot vouchers with starting and ending validity , and also to schedule the creation of them8 votes
Some core functionality for other wireless chipsets should be provided, even if it isn't "guaranteed perfect".
For example, ath9k (Atheros) drivers ship with XG, but cannot be loaded because of a version conflict with a dependency. Atheros chipsets are the most compatible with other linux, and considered to be "100%". The code is all there, and being used in production by other manufacturers.
Sophos XG Home isn't usable in my circumstance because it doesn't support common wireless chipsets, which is needed in my home. Purchasing a Sophos wireless appliance is possible for my company, but not for me at home!7 votes
Installer should support serial interface. It's already text-based. XG supports the serial interface once it's installed.
Lots of hardware doesn't have a GPU, such as many AMD G-series, and requires a painful hack to install it - such as using alternative hardware and hot-swapping memory, or doing a "blind install", copying keypresses from a virtualized installer. This should be a trivial improvement that would make installation 100x better!2 votes
It would be great if the DHCP configuration could be simplified.
1/ Make static IP from an assigned IP would be great.
2/ It would be nice to have a single DHCP pool with exceptions/exclusions/static assignments within that pool or outside that pool.68 votes
Please add guest access menu on captive portal like UTM 95 votes
Bring back the captive portal session timeout like UTM 9, in XG if closing the window after login is the same as logout.9 votes
Please can we have an Outlook add-in which will allow users to blacklist with a single click.
I love the daily digest which allows users to release false positives but there seems to be no function for undetected spam which makes it through.
It would be better adding if there are operating systems and device types maybe device brands in source networks and device when creating a firewall rule.
Source Networks and Devices : IOS,ANDROID, (LINUX,WINDOWS.. etc.) (Maybe dell,hp,samsung,sony, apple, asus.. etc.)
During Scheduled Time : All the Time
Destination & Services
Destination Networks : Any
Services : Any27 votes
There is no Application Specific Signature for Ring Central, which means we can't apply Application-based Traffic Shaping Policy for it.
Please add Ring Central as a defined Application.
- Don't see your idea?