we migrated last week to Sophos XGS3100. Now i am on the last steps - configure remote access for our users.
I am very surprised that unfortunately no IKEv2 profile can be stored in Sophos Remote Access Feature. I search the topic in these forum and see people will beg for these feature since 3-4 years.
Now i want to ask Sophos: Why aren't they able to implement a standardized protocol within several years?
We pay thousands of euros for an next generation firewall and then we need to use an IKEv1 protocol which are insecure?!
This is not the only reason why I am very amazed. Also SNMP Monitoring is an joke. We can only monitor interface state, but logical things like monitoring an ipsec phase1 and phase2 is not possible? Sorry but other firewall vendors have these features since 10 years.
Thank you for contacting the Sophos Community.
IKEv2 is in the backlog to be addressed on v19.5 under NC-14133