So I've been a UTM/Astaro user since v6 (first at work, then also home when the home user license came along). About two weeks ago I decided I wanted to test the new XG Firewall Home Edition, and just reinstalled my UTM server with XG 15.01.0. Here are my findings, like bugs, typos, questions and suggestions. I did not know where else to put it.
System > VPN > SSL VPN Settings > I was able to set IPv4 Lease range for a /27 network to 10.81.234.0-10.81.234.30. I should not be able to select the network address (.0), should I? Trying to set broadcast .31 gives me an error as it should: "You cannot enter a network broadcast IP for End Lease IP Address"
Objects > Policies > IPSec > No explanation
Objects > Policies > IPsec > Unable to rename a self created policy (only duplicate and delete)
- Seems to go for lots of pages, including
- Web Filter Policy name
Objects > Policies > Web Filter >
- (default) No Online Chat > Has duplicate rules inside
- 'No web uploads' should probably be written 'No Web Uploads' to be the same capitalization as the other rules
System > Diagnostics > Tools > Ping > Interface > The list is not sorted, nor in the order of creation, so just kinda random.
Objects > Content > Application List > Name: Torrent Clients P2P > Typo in description: "... Torrent protocol. Ea ch client is capable ..."
Please add shortcuts to the navigation - It's impossible to navigate back to the last page you were on by clicking on the "path" under the page title; Like wanting to go back to the list of policies by clicking on "policies" when you're in "Objects > Policies > Intrusion Prevention"
Objects > Policies > Traffic Shaping > Too many slow-band shaping policies maybe? From 2KBps to 512KBps only.. and a big bunch of small variants.. What are all these for anyway as a default?
Objects > Hosts and Services > Services > It's almost impossible to get a good overview or search; only filter on name. Not good enough
System > Network > DHCP > Should be a way to make a dynamic lease static directly, instead of editing the server config
System > VPN > IPsec > Endpoint Details > Should be on two lines so that the Remote part doesn't get "crushed" into the local dropdown. Minor cosmetics
System > VPN > SSL VPN Settings > Unable to select both TCP and UDP
System > VPN > SSL VPN Settings > Unable to select which port to be used. Is it default 443 (tcp) and 1194 (udp)?
System > Administration > Settings > No exceptions for 'block admin'
System > Administration > Backup & Restore > No options to do backup to more than one type. What if I want local, ftp AND email?
System > Network > Interface > Not possible to set Jumbo Frames? only says 576-1500
LAG - Why must my Lag0 itself have an IP? Doesn't make sense, at least it didn't in UTM
LAG - Why can't I convert a normal ethernet interface into a lag?
LAG - Why can't I start with a lag of one interface? This would at least make up for not being able to convert
LAG - The only way I was able to create a Lag0 on my 3NIC firewall was to enable admin on WAN and take down ethernet Port0 to join it with Port1 for lag setup. That's not a good solution.
I don't know if some or all of this has been raised before - this is just what I did take note of when I was going through the entire XG GUI to get a feeling of the configuration.
It will take some time to get used to it. Hopefully I won't have to fall back to UTM9, but for the time being I'm having some firewall policy issues with my cloud backup software connecting outbound; but that I will ask about in another post.