Lucar Toni
My feedback
-
102 votes
-
169 votes
-
382 votes
An error occurred while saving the comment -
127 votes
An error occurred while saving the comment Lucar Toni
commented
You could move to SSH Keys and resolve this audit issue.
-
132 votes
An error occurred while saving the comment Lucar Toni
commented
As far as i know, everything should be possible in V18.0.
-
147 votes
An error occurred while saving the comment Lucar Toni
commented
Actually both requests are implemented into XG Firewall.
XG knows all backend groups and match them against firewall / proxy etc.
It syncs all groups while authentication - This method should be more efficient compared to a static scheduled task. Each and every authentication process (you login, STAS refresh the auth etc.) will resync all groups. -
89 votes
An error occurred while saving the comment Lucar Toni
commented
https://community.sophos.com/xg-firewall/b/blog/posts/xg-firewall-v18-mr3
V18.0 MR3 supports AD Groups.An error occurred while saving the comment Lucar Toni
commented
Hi all,
just a small workaround: You could actually roll out the SC for all users (select all users) and block / limit the access by the firewall rules with AD Groups.
In this setup, each user could actually build up a connection, but only can access your facilities, if he is in the proper firewall group.
The Firewall rules supports a AD groups. -
152 votes
An error occurred while saving the comment Lucar Toni
commented
There are some improvements in V18 already.
https://community.sophos.com/products/xg-firewall/sfos-eap/sfos-v18-early-access-program/b/blog/posts/sophos-xg-firewall-v18-eap-3-firmware-has-been-released -
870 votes
This feature is under consideration for a future release, though a target version or timeframe is not yet set.
An error occurred while saving the comment Lucar Toni
commented
PS: Since V18, you can build a reliable NAT redirect to any source, you like.
-
2 votes
An error occurred while saving the comment Lucar Toni
commented
You can select a FQDN for Digest since V17.5 MR8.
https://community.sophos.com/products/xg-firewall/b/blog/posts/sfos-17-5-mr8-released
Is this the feature you are looking for? -
136 votes
An error occurred while saving the comment Lucar Toni
commented
I am quite a fan of using the CLI. Maybe as a workaround, using wget.
https://lifehacker.com/how-to-test-your-internet-speed-with-a-terminal-command-1364123567 -
53 votes
We are currently considering how best to do this in a way that is effective and retains as much useful reporting functionality as possible.
Lucar Toni
supported this idea
·
-
26 votes
An error occurred while saving the comment Lucar Toni
commented
Would be possible, if you disable the RED created DHCP server and create a new one.
Workaround for those, who need this feature.Lucar Toni
supported this idea
·
-
29 votes
An error occurred while saving the comment Lucar Toni
commented
Hi, would be possible with Synchronized Heartbeat instead of MAC.
-
26 votes
An error occurred while saving the comment Lucar Toni
commented
Hi Andrea, Iftop and other advanced troubleshooting commands are included in MR6.
Cheers Luca
-
29 votesLucar Toni
supported this idea
·
Just some ideas to resolve this today:
You can work with SNAT / DNAT to give specific IPs always the same IP.
You can work with user based Firewall rules to allow a certain User to access resources.