Hello
At first my DNS setup:
- I have Sophos UTM 9.603-1
- DynDNS is configured
- The DNS feature is configured for internal and VPN networks
- I set up OpenDNS servers as forwarders
- No special routes configured
- Internal DNS resolution works from all networks
- Internal networks are allowed to access the Internet by any protocol
- Network traffic to the internet from internal networks is NAT-ed
- One of my VMs is a DNS server
- Nameservers of my domain point to my DynDNS addresses
- DNAT is configured to forward incoming traffic on 53/udp from the internet to my DNS server VM
- I had to configure DNAT to translate 53/udp to some other port (54/udp) because otherwise the DNS queries would have gotten lost in my Sophos
- Firewall rule is configured to allow the NAT-ed traffic
- This configuration works - DNS requests reach my VM and are being answered correctly
I can live with my DNAT workaround using 54/udp, but I have a second issue.
When I want to query DNS from one of my hosts in the internal networks directly to some DNS server on the internet (for example with "nslookup - 8.8.8.8"), this traffic goes to my Sophos, where it is not being forwarded to the specified DNS server but is dropped instead. In the Live Log I can see that the DNS queries are being received, but they are not being blocked (red).
Does anyone have an idea what I can do to fix this? Do you need any further information, details, logs?
Thank you in advance, Nando.