Hello, I came across this thread https://community.sophos.com/products/unified-threat-management/f/management-networking-logging-and-reporting/32566/solved-dns-best-practice#pi2353=2 , and tried to adapt my config like you recommend, but i have some…

When creating a new entry (Definitions & Users > Network Definitions) and specifying the Type as Host and Under DNS Settings enter a Hostname and check Reverse DNS, no workstation cannot ping the entry using the specified hostname. I can ping the IP Address…

So here is our current setup. Since we upgraded to 9.5.09-3 we have been having delays with DNS. In the Firewall logs I can see the DNS requests going out but the DNS in Windows sometimes comes back without results. I am testing right from the GDC server…

Hi! Upon launching Sophos UTM 9 in amazon AWS, it will auto-generate the Public DNS in this format: ec2-XX-XX-XX-XXX.compute-1.amazonaws.com [XX.XX.XX.XXX -> Public IP] However, we needed to change the domain compute-1.amazonaws.com into our company…

I have domain xxx.xx. One apache server for host xxx.xx and www.xxx.xx (192.168.1.6); one domain controller with name ad.xxx.xx (192.168.1.5). I used DNS Request Routing to forward ad.xxx.xx to 192.168.1.5 it runing ok; but when i set DNS host name…

Hi everyone, I know there are threads addressing Chromecast issues, but I have tried all of the suggestions in those threads and can't seem to get mine working with the UTM. My HP printer, cell phone, and Mac Book all pick up wifi just fine, but Chromecast…

There have been multiple posts about the IPS alarms for suspicious DNS queries, especially alarms that occur when a lookup is attempted on a free-registration domain like .TK or .ML The logic of DNS blacklisting makes sense: It is easier to block a…

I have two Exchange 2013 Email Servers internally. Now I want all requests coming from "intern" to be split between these two servers. I have to set up the server load balancing and create a DNS entry in the Sophos UTM. The UTM is the DNS-Server for all…

Hi folks, just installed my new UTM 9.5 at home, everything runs fine so far except one thing. Whenever I open an website which is using fonts.googleips.com, then this request runs in a timeout, webprotection log sais "blocked". The website will open…

I've been doing some network refreshing over the past week. Today I spun up a new DHCP server pointing to new DNS servers. The setup is pretty straightforward - we have two VLANs phones and data. The new DHCP and DNS Servers worked fine on the Data…

Hi There, I am configuring a UTM to be used at a remote site on the end of an ADSL line. I have a testing ADSL line here at HQ so am trying to get everything working before shipping the hardware to the remote site. I have configured a site-to-site…

Need some help! I inherited an old problem of having our company domain and website with the same name. In order for employees to access our company website in the past we setup a DNS A record pointing www to the external IP address. That broke yesterday…

Good Morning, We had a strange problem with our firewall this morning. We could not access the internet from within our network (web page could not be displayed) yet I could ping the websites both by their IP and their url. I could also ping the firewall…

Hello guys, I´m planning add my own name server for my domain. Just for testing in my lab. Is there any option to protect this server which will be opened to the Internet with Sophos UTM? I´m using IPS and name server will be in DMZ but is there any…

Hi, I am trying to set local DNS I want to achieve this hostname IP DNS windows1 192.168.1.2 windows1.local.domain.com game1 192.168.1.3 game1.local.domain.com ubuntu1 192.168.1.4 ubuntu1.local.domain.com …

Recently, I have been thinking about DNS security. This seems odd, since DNS lookups are unauthenticated. But DNS security definitely needs to be part of the implementation decisions. UTM DNS is an integral part of defenses for users on the Internal…

In the past few evenings, my network connectivity has been compromised. Last night I narrowed it down to DNS. The UTM would nor could not resolve DNS despite changes to the DNS forwarders, rebooting etc.... I just added DNSsec to the config. How might…

Hi, I have 2 external interfaces: a) WAN b) VPN concentrator I have my static routing configured correctly to route traffic accordingly. Basically everything goes to a) except for some stuff, which goes to b) (a couple of specific networks). …

This is possibly a very silly question, but... When setting up, for example, the DNS forwarders in UTM, what's the effective difference between using an availability group vs just specifying the different hosts in the target servers list?

Hello I have a UTM but when wanting to do a Network object, it does not solve the Balancers (AWS ELB) and it does not solve the names like google.com, etc, making the requests in support tools I throw a ping and it does not solve the error of (The ping…

Hello, We have 3 RED networks (working in split mode) which include multiple windows hosts. The users RDP into those windows hosts. Everything works however, we want to be able to assign hostnames to our hosts so that users don't have to remember the…

Seit dem Update 9.504-1 habe ich Probleme mit der Namensauflösung unter ipV6. Vom Provider (Telekom) sind V6 Nameserver vergeben. Diese werden auch angezeigt. Ich kann auch per Telnet darauf connecten das funktioniert alles wunderbar. #dig -6 @2003…

Hello, I'm running Sophos UTM 9.503-4 on a pcengines APU board behind a FRITZ!Box Fon WLAN 7360. The UTM is configured as exposed host on the Fritz!Box and the UTM provides DHCP and DNS for my LAN. There are no other DHCP or DNS servers and I don't…

I'm trying to wrap my head around a Problem that a customer of ours brought up to me. He has a Central-IT that has a 100M syncronous Line with static IPv4-Adress(es) and a 50M V-DSL Backup-Line with a dynamic public IPv4-Adress. In the central office…

I have a UTM running under a Hyper-V VM server. We have 2 branch offices using a RED10 and RED15 no split mode. I've been unable to connect to the remote site PC's using the FQDN of the PCs in question. The remote PC is on IP 192.168.66.10 with…