Configuring VPN Remote Access for the first time on your Sophos XG Firewall? Check out this useful Community post!
Advisory: Sophos XG Firewall - Antivirus service stopped due to failed pattern update. Please visit this KBA for the latest updates
Sophos Wireless v2.2.1-2 introduces a number of enhancements to improve the hotspot functionality. You can now customize the session time for each device which connects to a hotspot using social login and also configure the maximum device connection limit for voucher-based hotspots. Additionally, there are few bug fixes which will enhance the overall user experience.
New Feature/Enhancement :
Using this feature an admin can set a time limit for network access of between 1 and 24 hours for users connecting to an SSID using social login through Facebook or Google. This feature also allows an administrator to prevent the user from logging back into the network for a 24 hour period once the allocated session time has expired to prevent continual use. The configuration page is shown in image-1 below.
When creating the vouchers for your hotspot you can now configure a limit for the number of device connections using a single voucher as shown in Image-2. The number of devices per voucher can be set to between 1 and 8. If more devices than the allocated limit try to connect, the user will be redirected to a hotspot login page and see an error message.
Synchronized Security with Sophos Mobile now has three health states similar to Security Heartbeat with Sophos Endpoint/Intercept X. You can configure a new status as ‘yellow’ which allows all internet traffic with a warning message when synchronized security identifies that a mobile device has violated a low severity compliance policy. This new status will be shown on the Wireless device page and also in Sophos Mobile as shown in Image-3 below.
Synchronized Security: AP certificate is generated on every AP reboot
Session timeout: Intermittently connected clients never get disconnected post session expiry
Synchronized Security: Internet traffic was not blocked for Red state mobile devices if clients connect and disconnect multiple times
Sites: User unable to add more than 50 site entries.
Captive Portal : iOS-based clients don't get captive portal auto pop-up for custom logo configuration.
Rogue AP Detection: Neighboring networks scan is not performed on 5 GHz when a scan is triggered.
Sites: User can create duplicate Site on the Sites page
Sites: Some Access points do not get country code based on geolocation
Workaround : User can reboot the access point if the wrong country code is populated on the Sophos Central access point page or the user can assign the correct site through the Sites page.