Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 31 replies
  • Subscribers 34 subscribers
  • Views 2490 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG / XGS ongoing issues list

Steve Klassen

Hi there,

I've been hesitant with moving from SG to XGS. I did dip my toe into the XG pool by setting up one location with an XG Firewall, however the experience was poor. So I'm currently planning a hardware refresh with SG for the next 3 years as I still think XGS is half-baked. I'm aware that XG is old, and XGS is a newer version and might be better, than XG, however...

Issue #1 - I have had many issues with our XG router not renewing it's WAN IP when the ISP changes it. I hear this is still an issue in XGS.

Issue #2 - There is no release/renew for any interfaces. I hear this is still an issue in XGS. And yes, a workaround is to assign a static IP, and then remove it... but if SOPHOS can't correct something simple like this for years... I can only imagine what other issues that I don't know about are also still un-fixed. 

Issue #3 - I use one of our SG devices as an internal relay for our Copiers. I have a consultant that deals with SOPHOS across many client businesses, and they've told me that they gave up on using the mail relay on XGS as it has been unreliable. They moved their clients to a paid mail-relay-service because of how poorly it works. 

These are some of the issues I recall off the top of my head. I'd be interested in feedback on these issues.

Also if anyone knows of other problems like these, that I may not be aware of, please add them to this list.

Thanks 



This thread was automatically locked due to age.
Parents
  • 0

    I found a new issue... another issue that should not be an issue. 

    So I wanted to test out a static routing change on an XG Firewall. I needed to disable a route... then build and apply a new one, before confirming that it was working. I didn't want to delete the route in case it had some negative ramifications, so that I could quickly revert back if needed. And wouldn't you know... you can't disable a static route in XG. It's not possible. Your only option is to document the settings and delete it. I mean seriously... why are basic functions just missing or broken on XG. We have an active license and maintenance...

    And of course... I take a look at my SOPHOS SG Router... and HEYYYY toggle buttons for static routes. I can disable and enable whenever I need to.

    Am I missing something? Or is SOPHOS just doing a bad job here? Can someone confirm this is still missing on XGS?

  • 0 in reply to Steve Klassen

    You can / should move to SD-WAN routes anyway. Those are far superior and you can disable them as well. In most scenarios, they are working more effectively. Depending on the scenario you are using. For example, you need a gateway for SD-WAN Routes. In Static routes, you need to do this every time. In SD-WAN you are using the already created GWs. 

    In your example: Create a GW (your Gateway CDK router), then create those 3 routes as SD-WAN Routes. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    So to confirm specifically on this one... the ability to disable static routes is available on XGS?

  • 0 in reply to Steve Klassen
    Steve Klassen said:
    the ability to disable static routes is available on XGS?

    Isn't possible, you can only add or delete.

    If a post solves your question use the 'Verify Answer' button.

    XG 115w Rev.3 8GB RAM v19.5 MR1 @ Home.

  • 0 in reply to Prism

    So when LuCar Toni confusingly implied that "you can", he meant... "you can't". And here is a workaround... Perfect. Clear as mud.

    Thank you Prism for clarifying.

    I don't understand why SOPHOS won't do improvements to avoid these negative issues so migrating to XG/XGS is a "no-brainer" rather than an exercise in the issues and and "what i'll lose" by doing it. I know there are benefits... but if there weren't issues, then it would be a slam dunk. And ALL of these complaints are within SOPHOS' ability to fix. And they don't??? 

    It just doesn't make sense, and it concerns me greatly about their dedication and speed on fixing issues in general, if these issues are not being addressed. And each time I use XG/XGS, I stumble across more.

    Sigh... it's monday. 

Reply
  • 0 in reply to Prism

    So when LuCar Toni confusingly implied that "you can", he meant... "you can't". And here is a workaround... Perfect. Clear as mud.

    Thank you Prism for clarifying.

    I don't understand why SOPHOS won't do improvements to avoid these negative issues so migrating to XG/XGS is a "no-brainer" rather than an exercise in the issues and and "what i'll lose" by doing it. I know there are benefits... but if there weren't issues, then it would be a slam dunk. And ALL of these complaints are within SOPHOS' ability to fix. And they don't??? 

    It just doesn't make sense, and it concerns me greatly about their dedication and speed on fixing issues in general, if these issues are not being addressed. And each time I use XG/XGS, I stumble across more.

    Sigh... it's monday. 

Children
  • 0 in reply to Steve Klassen

    He's telling you to use the new SD-WAN function instead of static routes, with SD-WAN routing you can disable/enable them as you wish.

    But for static routes it isn't possible. (you can't disable/enable them.)

    Steve Klassen said:
    I don't understand why SOPHOS won't do improvements

    No one knows, if you do please let us know here in the community.

    If a post solves your question use the 'Verify Answer' button.

    XG 115w Rev.3 8GB RAM v19.5 MR1 @ Home.

  • 0 in reply to Steve Klassen

    You can turn SD-WAN routes ON and OFF, have a look yourself here:

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to jprusch

    It is indeed available for SD-WAN, but the question has specific about why It isn't available with the static routing function.

    Edit: Removed some content since It shouldn't be discussed in here.

    If a post solves your question use the 'Verify Answer' button.

    XG 115w Rev.3 8GB RAM v19.5 MR1 @ Home.

  • 0 in reply to Prism

    It is about the question, what to implement first and what is actually not that important in the long run. Such features like disabling Static routes could be potentially some point in the future, but there are certain other features, which are more important like securing the customer. 

    The full focus of Sophos is to implement security features in the long run. In the current state of threat landscapes, it is important to focus on security first. 

    The list of features to implement is rather long and the development resources are limited. Therefore you have to decide, what is important and what can be in the backlog or the future. 

    Focus are security first, features second. And features could be something, which is potentially wanted by everybody and then scale down to rarely used features. Disabling static routes in the times of dynamic routing (OSPFv3 and BGP) and SD-WAN routing seems to be a dead end for the long run. 

    __________________________________________________________________________________________________________________

Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?