
Question Sophos UTM as Internal DNS Server with Domain.local

Hello,

I have some questions about the DNS Best Practice Configuration https://community.sophos.com/kb/en-us/120283 as I use the UTM with domain.local.

Hostname: mysophos

Network Definitions:

Name: mysophos
Type: Host
IP: 192.168.0.1
DNS Settings: mysophos.domain.local
Reverse DNS: marked

All other devices like laptop, printer, access point in DMZ, etc. are created as host definitions.

Network Services > DNS

Allowed Networks:

Internal Network
DMZ Network

DNS Forwarders:

DNS Group – availability group with Cloudflare DNS 1 and Cloudflare DNS 2
Use forwarders by ISP – not checked

Request Routing:

domain.local to mysophos


My questions: with the Request Routing setting domain.local to mysophos and the created host definitions, would this be enough for internal DNS resolution, or do I have to add the 168.192.in-addr.arpa record for all networks as well, or only when I would like to have names instead of IP addresses in the reports? Would this be the fastest way for internal DNS resolution with the UTM?

How can I check that the created DNS forwarders to Cloudflare are working correctly?

Thx



  • or do I have to add the 168.192.in-addr.arpa record for all networks as well?

    Yes, you need an in-addr.arpa DNS request route to your internal DNS server too. For local UTM DNS entries you can activate this option:

    Definitions & Users > Network Definitions > Network Definitions > DNS Settings > Reverse DNS

    + and all your client DNS settings should obviously point to the UTM

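Working out which in-addr.arpa routes the reply above is asking for, as an added Python example that is not part of this thread (the DMZ range 192.168.10.0/24 is an assumed value, since the thread never states it): given the network definitions as CIDRs, it derives the octet-aligned reverse zones to enter under Request Routing, and the PTR name a reverse lookup of the UTM's own address would ask for.

```python
import ipaddress

# Classful boundaries: in-addr.arpa zones can only be cut at whole octets.
OCTET_BOUNDARIES = (8, 16, 24)


def reverse_zones(cidr):
    """Return the in-addr.arpa zone names that cover the IPv4 network `cidr`.

    A prefix longer than /24 cannot have its own classful reverse zone, so the
    enclosing /24 is routed instead (the UTM simply answers NXDOMAIN for the
    addresses it has no PTR record for).
    """
    net = ipaddress.ip_network(cidr, strict=False)
    if net.version != 4:
        raise ValueError("only IPv4 in-addr.arpa zones are handled here")
    # First octet boundary at or past the prefix length; /25 and longer -> /24.
    boundary = next((b for b in OCTET_BOUNDARIES if b >= net.prefixlen), 24)
    if boundary < net.prefixlen:
        net = net.supernet(new_prefix=boundary)
    zones = []
    for sub in net.subnets(new_prefix=boundary):
        octets = str(sub.network_address).split(".")[: boundary // 8]
        zones.append(".".join(reversed(octets)) + ".in-addr.arpa")
    return zones


def ptr_name(ip):
    """The owner name a PTR query for `ip` uses, e.g. 1.0.168.192.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer


def request_routes(networks, target="mysophos"):
    """Map each reverse zone to the DNS host that Request Routing should use."""
    return {zone: target for cidr in networks for zone in reverse_zones(cidr)}


if __name__ == "__main__":
    # Constructed sample: the internal LAN behind 192.168.0.1 plus an assumed
    # DMZ subnet; the thread does not state the real DMZ range.
    sample_networks = ["192.168.0.0/24", "192.168.10.0/24"]
    for zone, host in request_routes(sample_networks).items():
        print(f"{zone} -> {host}")
    # The single entry the thread mentions covers every 192.168.x.y network:
    print(reverse_zones("192.168.0.0/16"))  # ['168.192.in-addr.arpa']
    print(ptr_name("192.168.0.1"))  # 1.0.168.192.in-addr.arpa
```

A request route for 168.192.in-addr.arpa, as the question proposes, therefore covers all the 192.168.x.y networks at once; per-subnet /24 routes only matter if some of those subnets are served by a different DNS server.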
  • Thanks a lot for your information.

    I had already created the Reverse DNS settings for the devices.

    I have now added the in-addr.arpa records for all the networks + DMZ, pointing to the UTM.

    Internal resolution now works fine. But the defined Cloudflare forwarders are not used; instead the ISP's forwarders are used.

    I defined the availability group with the Cloudflare DNS servers under Forwarders, and disabled "Use forwarders by ISP".

    Is there anything else I have to do so that the UTM uses the Cloudflare DNS servers?


    Thx

    Best regards

    Sally