Is a limit of 50 IP addresses still realistic for home use?

I've recently started using a UTM 9 home license on a small firewall appliance (Intel J1900-based). It's working well, and I'm definitely a fan. However, I'm immediately running into the 50 'user' (really IP address) limit.

We're a typical family of three, admittedly a gadget-heavy household, but not ridiculously so. I expect that's likely to be a common trait of anyone sophisticated enough to want to run Sophos UTM 9 at home.

In short, I've exceeded the 50 IP limit by over 10% without even trying. Which surprised me at first; when I started counting the devices I've added to my network over the past few years, sure enough, the count was correct. For example: three eero WiFi units, 5 small 'web smart' network switches (i.e. each has a web interface), A/V receiver, four DVRs, two HDHomeRun Prime network tuners, two smart TVs, a Sonos system, a printer and an all-in-one, standalone doc scanner, two Nest thermostats, the main '24x7' Linux server, plus a small Synology and Qnap NAS, Xbox 360, nVidia Shield TV, security camera, sprinkler controller, SmartThings Hub, Roomba ...that's 32 IP addresses, before we even start talking about laptops, tablets, smartphones, Kindles, etc. Even my smartwatch requests an IP address...

As I understand it, the Home license allows 50 IP addresses, period. The only way past that limit is to purchase a commercial license, whose cost runs to four digits for even a subset of the functionality provided in the home license. If that understanding is correct, either I have to work around this limit by putting some devices on a NAT'd subnet (which seems counter to the spirit of the license), or give up and go elsewhere. Which would be a shame; the only other negative I've come across is the complete lack of UPnP port forwarding (yes, I fully understand the controversy - but believe it's a solvable problem).

I see the value being offered, and would happily pay to increase that limit to 100 or 150 IP addresses (say $99 or $149?). I'd rather not pay a subscription personally, unless it's significantly less per year. But I don't have either option, it seems.

Thoughts?

- Paul



  • I live in Silicon Valley and work from home :)  I'd be the first to admit my network isn't typical, but the number of IoT devices is the main contributor here, and that's something definitely on the rise.

  • I'm not saying you did - but Sophos does.

  • Depending on what features you plan on using the XG would be a better fit.

    Home limit 4 CPU (as fast as you can) and 6 GB of RAM.

    Most of your devices only require simple internet through the proxy and you can set up rules for the other devices to provide specific protection.

    V17b is due for release in about 3 weeks, maybe 4 and it is supposed to have many improvements, but still not up to UTM standard.

    A number of us diehard beta testers are waiting with bated breath to see what is actually delivered.

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • Have been running Sophos UTM 9.5 in a home environment and simply love everything about it EXCEPT for the Active IP list that is visibly populated by IPs that do not even exist for a device on my LAN.  Am unable to trace many of the Active IPs to devices anywhere on my network.  Have set a DHCP range from x.x.x.10 to x.x.x.40, and am creating static IPs outside of that range for other devices.

    Recently attempted to migrate from UTM 9.5 to XG Home in order to overcome the 50 IP limit.  Unfortunately found it to be cumbersome to configure and support to still be a bit lacking.  Examples of functionality that work painlessly in UTM for home use would include such things as QoS and Source Nat (SNAT) which I simply couldn't implement in XG.

    Look forward to XG's continued maturity or a viable migration tool.

  • Hi, am I wrong or doesn’t exist something similar: Purchase a normal networking license for e.g. SG 105 will be that price and allow everything a normal home user would require? Or swap to business essential license, I only need OpenVPN additional, which I could move to my Synology.
  • ChristianHeutger said:
    Hi, am I wrong or doesn’t exist something similar: Purchase a normal networking license for e.g. SG 105 will be that price and allow everything a normal home user would require? Or swap to business essential license, I only need OpenVPN additional, which I could move to my Synology.
     

    There's so much more in the Home use license than just the firewall and VPN. In fact you almost get the complete package for free (web filtering, firewall, VPN, Wireless, IPS, mail-protection, etc.).

    I must admit that some features are hardly ever used in a home situation, but at least firewall, VPN, web-filtering are features that a lot of home-installs are using and are useful.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

  • After 2.5 years (Thanks Sophos!) of using UTM9 for Home Use, I am now exceeding the 50 limit.  For me, it is ip cameras and wemo switches causing the greatest pain.  Media streamers are next in line.  I totally understand the limit and appreciate what Sophos does.  The reality is that I will have to move to another platform soon because I can't justify a business license.  I have a lot of time invested in getting everything working while keeping it as secure as possible.  Like others, I would be willing to pay something but that small amount of money doesn't change anything for Sophos.  I get that.  So I guess my question is if anyone has insight at Sophos to know if this topic is known and if there is any chance they are considering something.  If not, I have enjoyed it and will have to move to something else soon. 

  • If these are wireless IoT devices, perhaps using a consumer grade router/AP might be the ticket.  As far as UTM is concerned it's only doling out a single IP even though you may have a dozen clients behind it.  Maybe configure the router so there's full access LAN<>WAN?

  • Thanks.  I understand that option.  However, I have three APs that serve all wireless needs.  One IOT AP would not provide the necessary coverage.  I also am very uninterested in playing games to circumvent the 50 (55) IP limit.  While a double NAT on Wemo switches may not be a big deal, it is just unneeded complexity.  I could use the resources (time and money) to just transition to a decent router that supports the number of IP addresses I need.

  • Couldn't agree more.  This is precisely what led me, in a home environment, to pursue a replacement to Sophos UTM.  Candidly, IMO Sophos XG Home is still a bit too immature for me.  Understand it's all a matter of opinion and personal preference.  Needless to say, I went with an established competitive offering for which I willingly pay a minimal annual fee and haven't looked back.

    Again, I appreciate Sophos' business model is geared towards business.  Certainly not criticizing this.  Inevitably, I was willing to pay an annual subscription to not have to cobble together workarounds to game the system.

    In the event Sophos offered such an option in the future, I would certainly consider returning to their platform.