This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM 9 and Network definition question

HI,

I want to create a new Network Definitions for some hosts for multiple IPs

I can add for every IP Address a new host, But I don't want to do that. I have created a DNS Host, but it does not work,

Regards



This thread was automatically locked due to age.
Parents Reply
  • I did define on the DNS Server, but I descripted, the client machine is getting different IP Adress and my application cannot work if IP address is changed, So how can I create a Network definition as DNS Host? I can add on the UTM 9 under "Network definitions" a Host and put there one IP Address. 

Children
  • The Gateway (=firewall) cannot force the client to use a specific IP address for a host, if you don't use it as your DNS-Server.

    Or I completely misunderstand your request...

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • exactly that what I want. But I can add there one Host and one IP. My client machines, getting three or more IPs (LAN,WLAN, VPN)

    How can I add all the IP address there? 

  • Use an object like this and define the three A-records on your internal DNS-Server

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • I think, the solution you send me, is not so what I want. I don't want to add any A records on the DNS server. Because the DNS record were deleted on the DNS Server, if the IP address on the client machine is changed

  • What are you trying to solve?

    Sounds like you want to establish some kind of "secure" application access only from specific systems.

    If so, you shouldn't rely on dynamic IP adresses, instead you should use DNS names like I already suggested.

    These could have different IP-addresses depending on the network you are in. This is done by "views" in BIND.

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.