Sophos Connect Client Remote ID with certificates

Question

Hello, 
 I need some help please to understand the poorly documented settings in the Connect Client VPN Settings. I've set up a test environment with PSK and it works, but I want to improve security by using certificates. 
 My intension is to authenticate remote users with a certificate that has been issued by a CA of my control - either Active Directory or the XG itself with selfsigned certificates. 
 I understand that Remote ID is something that is identifiying the remote machine. Local ID is the identifiyer of the XG towards the remote machine. Correct? 
 But how can I set up Remote ID here in the settings of the Connect Client to accept not one global Certificate as remote identifiyer but individual user Certificates? 
 
 Can someone help with this?

emmosophos · Accepted Answer

Hello LHerzog, 
 Thank you for contacting the Sophos Community. 
 This is not possible at the moment, this would be a feature request. 
 You can use the following link to submit the feature request or vote for it. 
 https://ideas.sophos.com/forums/330219-xg-firewall?query=Remote%20ID%20%20individual%20user%20Certificates%20sophos%20connect 
 Sophos Connect also supports 2FA, so can enhance security with this feature. 
 Regards,