VPN and Dynamic DNS dont work in Bridge Mode

Seems like an actual bug to me? Anyone ran into similar issues?

For passing traffic, the XG in bridge mode is just a layer2 device, so it doesn't come as a surprise to me that you can't terminate VPNs on the XG.
Passing through VPN traffic should be possible...with proper firewall rules in place.

Im not talking about terminating VPN on XG. Im talking about XG IP assigned on Bridge Interface not being available in DynDNS and VPN Config file (that gets downloaded from user portal). I can manually edit the VPN config file and add XG IP assigned to Bridge as a remote and it connects without problem. I can ping that IP and connect to XG Admin and User Portal on that IP (one assigned to Bridge Interface).  

If i was to delete Bridge, and assign same IP that Bridge had to the WAN interface, then that IP will show up in DynDNS and VPN config files.

Please look at the screenshot above for DynDNS configuration. Interface dropdown is empty - there is nothing to select even though FW has WAN IP. 

Luri,

this is not a bug but a limitation design. Dynamic DNS is not supported when XG is deployed in bridge mode (if the WAN is bridged).

See the KB:

https://community.sophos.com/kb/en-us/123276

Please vote the feature request:

http://ideas.sophos.com/forums/330219-sophos-xg-firewall/suggestions/16903630-bridge-like-utm9

When I discovered I could believe that those basic features are missing. Cyberoam has the same bridge limitation.

[:@]

UTM9 does not have this sort of limited design!