
Question Sophos UTM as Internal DNS Server with Domain.local

Hello,

I have some questions about the DNS Best Practice Configuration https://community.sophos.com/kb/en-us/120283, as I use the UTM with domain.local.

 

Hostname: mysophos

Network Definitions:

Name: mysophos
Type: Host
IP: 192.168.0.1
DNS Settings: mysophos.domain.local
Reverse DNS: marked

All other devices like laptop, printer, access point in DMZ, etc. are created as Host Definitions.

Network Services DNS

Allowed Networks:
Internal Network
DMZ Network

DNS Forwarders:
DNS Group – Availability Group with Cloudflare DNS 1 and Cloudflare DNS 2
Use Forwarders by ISP – not checked

Request Routing:
domain.local to mysophos

My questions: with the Request Routing setting domain.local to mysophos and the created host definitions, would this be enough for the internal DNS resolution, or do I have to add the 168.192.in-addr.arpa record for all networks as well, or only if I would like to have the names instead of IP addresses in the reports? Would this be the fastest way for internal DNS resolution with the UTM?

How can I check that the created DNS Forwarders to Cloudflare are working correctly?

 

Thx



This thread was automatically locked due to age.
  • For others that pass by this thread, I recommend the DNS best practice post from which the KB article linked to above was copied.  The post is updated regularly, but the KB is rarely updated.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hello,

    Still have the issues with the forwarders: when using Policy Route Internal Network - Any - Internet IPv4 - External (WAN), the forwarders from the ISP are taken instead of the Cloudflare forwarders in the DNS Forwarder Availability Group.

    Any suggestions?

    Thx

    Sally
