Do you recognize a good idea when you see one? We want to hear from you!
Header Image

I suggest you ...

VPN: IKE V2 Support

IKE V2 is the newest innovation to IPSec and makes using of mobile clients a lot easier. I wish to integrate IKE V2 as soon as possible.
See: http://tools.ietf.org/html/rfc4306 (RFC 4306)

498 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    feichhornfeichhorn shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    26 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • coewarcoewar commented  ·   ·  Flag as inappropriate

        That's actually my request. But none-the-less... we abandoned this product and company and use straight up StrongSWAN and it works awesome.

        Again, if you need help with this: ithelp45-astaro@yahoo.com

      • Adrien BelcourtAdrien Belcourt commented  ·   ·  Flag as inappropriate

        IKE v2 is required for Azure.
        IKE v2 is needed by credit card clearing house VPN.
        IKE v2 is supported by Fortinet, Checkpoint, Dell (SonicWall), Cisco, Juniper, Watchgaurd who are all of the UTM Competitors in the top 3 of 4 Gartner Quadrants.
        IKE v2 is supported by Windows.
        IKE v2 is supported by the current StrongSwan code used in Sophos UTM.

        All new feature delivery is through Copernicus but not available in V9. V9 currently has EAL4 certification, so is clearly not going away. Why no development in such a key EAL4 certified product? Copernicus is not even going to have parity to V9 till Summer 2016 (earliest). IKE V2 is a critical area that needs to be addressed to protect sales until Copernicus has moved past the early-adopter stage of product development.

        This should be linked with Balfason’s request to “Upgrade to modern version of StrongSWAN which uses charon instead of pluto”. The combined votes would make it the number 4 feature request here.

      • Anonymous commented  ·   ·  Flag as inappropriate

        I don't think they care. They are just milking UTM as much as possible until they eventually kill it off.

      • Anonymous commented  ·   ·  Flag as inappropriate

        We're forced to use IKE v2 because of Azure. If it takes any longer for the implementation of IKE V2 we are forced to replace our (and our client's) UTM's for more advanced VPN routers (unfortunately). Come on, IKE V2 has been available since 2005!

      • SadnessSadness commented  ·   ·  Flag as inappropriate

        We just bought fortinet 200Ds to replace all of our UTMs to complete our cloud projects. Thanks Sophos, keep on losing one customer at a time!

      • Anonymous commented  ·   ·  Flag as inappropriate

        Apparently, Sophos believes that wireless mesh support is much more important in a firewall than supporting modern IP security protocols, since this is the component they seem to focus most of their patches on. At our company, we are evaluating various "cloud vendors" as we consider outsourcing a few of our high-uptime resources to a hosted platform. I have already excluded one of the vendors, specifically because they use Sophos UTM's for their perimeter networking.

      • Kevin NKevin N commented  ·   ·  Flag as inappropriate

        Thomas +1 - that is what we are in the middle doing. ike2 has been out for years. Ever since Sophos purchased Astero there has been a decline in feature and fixes. Moving to a new FW all because of this.

      • Thomas LichtensternThomas Lichtenstern commented  ·   ·  Flag as inappropriate

        I think you can Forget IKEv2 Support here.
        Recomendatio is to go and replace UTM with other FWs, we did it and it works fine too...

      • Anonymous commented  ·   ·  Flag as inappropriate

        We are wanting to connect a ton of Sophos units to Azure - luckily we stumbled across this thread before spending the hundreds of thousands of dollars. Any ETA on when this will be added Sophos so that you might retain some customers?

      • coewarcoewar commented  ·   ·  Flag as inappropriate

        Forget it. I closed the deal on Sophos a while ago and just use the ipsec software they use directly which is stronswan.

      ← Previous 1

      Feedback and Knowledge Base