
Multiple VPN IPs in DNS

Hello everyone,

On our UTM we have configured an SSL VPN Pool (10.242.2.0/24), which in itself seems to work fine for all our employees.

Now we have got one problem, which is the DNS entries. At most we have around 100 employees working over a VPN connection, so the DHCP of the Sophos UTM should be able to give everyone a unique IP address from the Pool. Instead we have multiple IPs that are given to multiple Clients, e.g. the IP 10.242.2.25 has 5 different Clients, 10.242.2.27 has 3 Clients and so on.

While this does not seem to be an issue for our employees regarding the work they have to do, it makes Software Deployments over VPN nearly impossible, because our Software does not know to whom it has to connect.

Since it is not possible to configure anything for the VPN Pool, let alone see the DHCP entries or lease times given by the UTM, I don't really know how to tackle the issue. A "solution" would be to set the lease of an IP to a very long time or even make it static; since we only have 100 Clients, there would still be plenty of IPs free. But this does not seem to be possible.

The scavenging interval is set to 2 days, which further contributes to the problem, as some employees make short 15-20 min. connections and then terminate them, leaving the entry in the DNS because there is no mechanism that deletes it after a connection has been terminated.

It is the exact same issue that is discussed in this topic: https://community.sophos.com/sophos-xg-firewall/f/discussions/119486/duplicate-vpn-ips-in-dns

Really appreciate any help!



This thread was automatically locked due to age.
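
Added example, not part of the original thread: a small audit of the situation described in the question, listing every address in the 10.242.2.0/24 pool that more than one hostname currently resolves to. The CSV layout (`hostname,ip,timestamp`), the hostnames and the timestamps are constructed, and treating the most recently registered record as the live one is an assumption.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime

VPN_POOL = ipaddress.ip_network("10.242.2.0/24")  # SSL VPN pool from the post

# Constructed sample: "hostname,ip,last registration time" rows such as one
# might export from the DNS zone. All hostnames and times are invented.
SAMPLE_EXPORT = """\
pc-anna,10.242.2.25,2021-03-01T08:05:00
pc-ben,10.242.2.25,2021-03-01T13:40:00
pc-cara,10.242.2.25,2021-03-02T09:15:00
pc-dave,10.242.2.27,2021-03-02T07:50:00
pc-eve,10.242.2.27,2021-03-02T10:20:00
pc-finn,10.242.2.31,2021-03-02T11:00:00
srv-file,192.168.10.5,2021-02-01T00:00:00
"""

def parse_records(text):
    """Yield (hostname, ip, timestamp) tuples, skipping blanks and comments."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, ip, stamp = (field.strip() for field in line.split(","))
        yield host, ipaddress.ip_address(ip), datetime.fromisoformat(stamp)

def find_conflicts(text, pool=VPN_POOL):
    """Return {ip: {"current": host, "stale": [hosts]}} for shared pool IPs."""
    by_ip = defaultdict(list)
    for host, ip, stamp in parse_records(text):
        if ip in pool:  # ignore records outside the VPN pool
            by_ip[ip].append((stamp, host))
    conflicts = {}
    for ip, entries in by_ip.items():
        if len(entries) > 1:
            entries.sort(reverse=True)  # newest registration first
            # Assumption: the newest record belongs to the live VPN session.
            conflicts[str(ip)] = {
                "current": entries[0][1],
                "stale": [host for _, host in entries[1:]],
            }
    return conflicts

if __name__ == "__main__":
    for ip, info in sorted(find_conflicts(SAMPLE_EXPORT).items()):
        print(f"{ip}: current {info['current']}, stale {', '.join(info['stale'])}")
```

Hostnames reported as stale are the ones a deployment tool should not trust to resolve to the right client until the records are cleaned up.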
  • Hallo and welcome to the UTM Community!

    What happens if you don't select 'Allow multiple concurrent connections per user' on the 'Settings' tab of 'Remote Access >> SSL'?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA