We have our L2TP over IPsec doing RAIDUS with our MS AD server. The problem is when a user connects, they can ping the servers and workstations on the network by IP address but not by name. And when I do a ipconfig /all on the machine in question that…

Hi Community, i'm facing a strange problem in a sophos from one of our customers. The SSL VPN Has beenstruggeling with long first loading times in the browser, for example we go to google.com, takes about 40 seconds to load, so i thougth it was a…

Hi all We are seeing a lot of dropping from Sophos UTM9 packages (ATP DNS) from *.hwcdn.net. Someone else? Examples; cds.f7y3z2w8.hwcdn.net cds.d2s7q6s2.hwcdn.net cds.c4s5i3x5.hwcdn.net Looks like it is from Windows Update / Microsoft…

Dear Users, I have an issue with sophos SG230. From couple of days , we tring to remove lancom router, and left only SG sophos firewall as DHCP server (before it we have vodafone modem). Unfortunetly after we connected the cable directly from Vodaphone…

Our network will consist of 5 access switches connected to a layer 3 core switch connected to a SG430. We will have several VLANS consisting of computers, VoIP phones, security cameras and card access readers. Total users will be around 100. We are fully…

When users (even me) connect via the SSL VPN client there are certain webapps that will not load without the fqdn. Examples: https://app1 = Fine https://app2 = Not Fine https://app2.domain.local.com = Fine You can ping and tracert "app2" and it resolves…

I have a basic DNS setup for a home UTM configuration. The UTM is the only DNS server and also the DHCP server. All internal devices have DNS configured with the UTM LAN address as their DNS server. DHCP is also configured to provide the UTM's LAN address…

Hello Community, we do have 2 Domain Controllers with Sophos UTM Cluster. The Domain Controllers handle DNS Services and are used by the UTM to work with DNS Hosts. We do work with DNS Host Definitions and i recently moved a Host from one VLAN…

Hello together, I would like to use the UTM home as a DHCP and DNS server. I have already configured DHCP. I use home.local as the domain entry in the DHCP settings. This is also correctly displayed as suffix in the Windows Ipconfig settings after a…

Hello together, I would like to use the UTM home as a DHCP and DNS server. I have already configured DHCP. I use home.local as the domain entry in the DHCP settings. This is also correctly displayed as suffix in the Windows Ipconfig settings after a…

Hello Everyone I have installed fresh firewall of Home Edition on Individual PC internet browsing working fine, but am unable to ping any host name from sophos like gmail/yahoo or any domain, while Ping to IP address is accessible. I have also created…

Hello all, As the UTM 9.705-7 we are using was setup by an MSP and at that time we had Exchange 2010, on premise as well. We've since moved to Exchange online and I handle all the Sophos items now. Lately we have random users receiving the following…

I decided to complicate my life (further) by switching my home-office/lab from a workgroup to a domain environment. I have both local and remote web servers and email servers. The Sophos UTM is currently acting as my DNS and DHCP servers. I am also using…

Hello, I saw already the DNS Best Practice Article and UTM Help Section, but still have questions how to change my DNS Server correctly. At the moment I use the utm as dns server, and I have already created all my internal devices as host objects with…

Hi, If I configure the ISP DNS servers in DNS>Forwarders, in which order will SG 9.7xx use them? I've read 10 year old posts here where one is saying alphabetical rule matters, others say, they found out that the shortest response time wins. Whats…

Hello I use sophos utm. I have one normal ethernet connetion and another ethernet connection that use DNSCrypt for linux. The second ethernet connection (DNSCrypt) is the same with normal ethernet connection, except that IPV4 settings I use Automatic…

Hi, my SG230 can not resolve websites that are working on HTTP. Every website that is HTTPS works fine. I can nslookup every http site properly on cmd prompt. So DNS is basically working. The browser is showing this: I enter http://wetest…

Hi everyone, i have a change request that some domain names should not be resolved from an internal DNS server but all others should. This setup is necessary so that one application can work (Skype for Business). Say we have a partner contract with…

Hi there, i have the following setup: UTM 9.5 which runs between the modem and the wlan router/switch. UTM is set up in transparent mode. I run a DNS "server"/internal forwarder (pihole, details at https://pi-hole.net/ ) at 192.168.0.115 on a raspberry…

So here is our current setup. Since we upgraded to 9.5.09-3 we have been having delays with DNS. In the Firewall logs I can see the DNS requests going out but the DNS in Windows sometimes comes back without results. I am testing right from the GDC server…

Good Morning, We had a strange problem with our firewall this morning. We could not access the internet from within our network (web page could not be displayed) yet I could ping the websites both by their IP and their url. I could also ping the firewall…

Hello guys, I´m planning add my own name server for my domain. Just for testing in my lab. Is there any option to protect this server which will be opened to the Internet with Sophos UTM? I´m using IPS and name server will be in DMZ but is there any…

Recently, I have been thinking about DNS security. This seems odd, since DNS lookups are unauthenticated. But DNS security definitely needs to be part of the implementation decisions. UTM DNS is an integral part of defenses for users on the Internal…

In the past few evenings, my network connectivity has been compromised. Last night I narrowed it down to DNS. The UTM would nor could not resolve DNS despite changes to the DNS forwarders, rebooting etc.... I just added DNSsec to the config. How might…

This is possibly a very silly question, but... When setting up, for example, the DNS forwarders in UTM, what's the effective difference between using an availability group vs just specifying the different hosts in the target servers list?