Sophos Central Public Update Cache using FQDN

Hi,

i have many endpoints that can't update from sophos cloud (restricted network)
I have installed update cache on one of my servers its internal IP let's say 10.X.X.X and the hostname is myserver.internal.local and this server also has a public static IP assigned let's say 6.X.X.X and it has a public domain pointing to that server let's say mycache.domain.com

the problem is that the endpoints are on completely different network not on the same region as the update cache

is there any way i can make sophos central distributes the public domain or the public IP to the endpoints instead of the internal of the hostname

Because when i installed a cache the rest of endpoints got the update cache by hostname (myserver.internal.local ) which is non resolvable from the site i have those endpoints

My scenario is the same as this one https://support.sophos.com/support/s/article/KB-000033792?language=en_US

Please note that i don't have nor i can't setup a site-to-site VPN

I only needs my endpoints to have an update cache that's reachable publicly as mycache.domain.com:8191


I opened a ticket with the support but i am getting no help they only thrown me a KB articles which i have read thousand times


Please Help



Added TAGs
[edited by: Gladys at 3:51 AM (GMT -7) on 29 May 2023]
Parents Reply Children
  • Hello Ahmad,

    it is not necessary to give a domain memberserver an internal domain name. In fact, it has only be able to reach the ADS controller as the first DNS resolver and to have the reqiured ports open to reach the ADS services.

    So you could have:

    ad1.mydomain.local and ad2.mydomain.local as your ADS/DNS

    and cacheserver.public.com with a separate DNS-record inside your local DNS-systems.

    Be aware, that all other resources in your public domain (in our example xxx.public.com) must be resolved by your internal DNS server, when querying form internal at your main site. But this is little to no effort and one time only.

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.