I just found this cool new (so far) undocumented Feature which avoids prospective Certificate-Error-messages when user are accessing the Captive Portal. Tought, I want to share this positive message with you :)
I just found this cool new (so far) undocumented Feature which avoids prospective Certificate-Error-messages when user are accessing the Captive Portal. Tought, I want to share this positive message with you :)
This feature was console only and only allowed either interface ip or hostname. Nice to see it in the GUI.
Emile
Yes we added it originally as console only. Once we had a little more confidence in it and decided how best to put it in the UI, we moved it. The console option no longer exists and the setting migrated during upgrade.
Note: If there are any issues with the certificate working for WebAdmin but not for Captive Portal, please try uploading it as PEM format with the certificate chain separate and let us know if that resolved it. I had one report but we need customer samples if there is a problem.
Maybe I praised the new feature to early, because it does not seem to work in Email Quarantine Report.
I configured my XG Firewall to override the Hostname as the following:
In Quarantine Report, the Hostname is not overwritten, and QuarantineReport uses IP instead:
Its very important to have there the configured Hostname as well. So the users wouldn't face a Cerficate Error Message when they want to release false-positive Spam Mail.
Please send me Spam gueselkuebel@sg-utm.also-solutions.ch
Correct, right now this is for Web only. I do not know the plans/timelines for Mail.
You can vote for the email feature here:
https://ideas.sophos.com/forums/330219-xg-firewall/suggestions/17478376
Michael Dunn said:Correct, right now this is for Web only. I do not know the plans/timelines for Mail.
You can vote for the email feature here:
https://ideas.sophos.com/forums/330219-xg-firewall/suggestions/17478376
Do not believe this is suitable as a feature request, the switch to FQDN for hostname should be feature complete across the XG not piecemeal. If this is not already on the roadmap for an upcoming release, it should be as part of the original switch.
This just adds to a list of features implemented improperly on the XG, the Quarantine system should draw it's target from the XG primary hostname and not have a separate system for itself. Modify the listener, yes, but it should be picked up like the Captive Portal as you are making more work for yourselves down the line.
Emile
Michael Dunn said:Correct, right now this is for Web only. I do not know the plans/timelines for Mail.
You can vote for the email feature here:
https://ideas.sophos.com/forums/330219-xg-firewall/suggestions/17478376
Do not believe this is suitable as a feature request, the switch to FQDN for hostname should be feature complete across the XG not piecemeal. If this is not already on the roadmap for an upcoming release, it should be as part of the original switch.
This just adds to a list of features implemented improperly on the XG, the Quarantine system should draw it's target from the XG primary hostname and not have a separate system for itself. Modify the listener, yes, but it should be picked up like the Captive Portal as you are making more work for yourselves down the line.
Emile