
DNS Host for External IP

I have a Sophos GW with a Dynamic external IP address. I want to have my internal hosts resolve a domain to that external interface.

So, I define a host object, test.tld, and define it with a "static" IP that matches up to the external interface. From my internal network, if I run "nslookup test.tld", it resolves properly.

Problem is, that since my external interface is a dynamic IP, that host entry will be valid for a limited time only. When my external IP eventually gets renewed (and changed), I will have to go back in and find the object and re-define it. This very quickly loses practicality once you start defining many such hosts.

So how can I define a host to resolve to the external IP, regardless of what the IP actually is?



This thread was automatically locked due to age.
  • Hi,

    In situations where your network is not guaranteed to always have the same public IP, it is not practical to manually update the public DNS record every time the ISP dips the line and the IP changes. Thankfully, Sophos UTM supports Dynamic DNS, which makes it easy to deploy these features even when you don’t have a static public IP.

    Register with one of the free dynamic DNS services available online. Later, configure Sophos UTM to make use of the service you just registered for.

    1. Log into the Sophos UTM Web Admin interface
    2. Select Network Services | DNS | DynDNS and click + New DynDNS
    3. Select the correct type (the service you registered for)
    4. For IP strategy select Web service (IPv4)
    5. For the hostname field, specify the hostname you defined when signing up for the Dynamic DNS service
    6. Specify the username and password for the service
    7. Click Save

    Finally, configure your router for inbound traffic forwarding on Sophos external interface.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support

  • Hmmm.... That is not at all what I am trying to accomplish.


    Let us say I have 2 Sophos gateways... 1 gateway configured as you noted above, with the dyndns and all.

    On to the other gateway... How could I define that other remote gateway? How could I add additional DNS records to additionally point to that remote, dynamic IP?

  • Hi,

    To add an additional DNS record, you need to buy a DynDNS service package from the service provider.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support

  • Hmmmm... That's not at all what I am after. My question is totally unrelated to dyndns. Let's try again...

    Let's assume I have a remote host/server/something, which has a dyndns record, something.dyndns.org. Let's further assume that everything in these regards is fine, and nothing else needs to be done on this side of things.

    On my Sophos UTM, how would I define that remote host, something.dyndns.org?

    Further to that, how could I "add" an additional DNS record, internally only, so that something.blah either resolves to something.dyndns.org, or just straight up that remote host?

    Let's assume you choose "FreeDNS" and that you set up an account there for home.jdmoore0883.twilightparadox.com.

    In the UTM, on the 'DynDNS' tab, you configure for that FQDN using the "Interface" strategy.  The outside IP can always be reached with this FQDN.

    The UTM's DNS Proxy is not a fully-functional name server - there's no way to have it supply what you're asking for.  If you have your own DNS, you can create a CNAME record that points at the FQDN hosted by FreeDNS.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
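
The CNAME approach from the reply above, written out as a BIND-style zone file for an internal-only zone. This is an added example, not part of the original posts; it assumes you run your own internal name server for the zone `blah`, and the names `ns1.blah`, `hostmaster.blah`, the serial and the 192.0.2.53 address are constructed placeholders.

```dns
; Internal-only zone "blah", served by your own internal name server
; (constructed example; not reachable or delegated from the public DNS).
$ORIGIN blah.
$TTL 300                ; TTL of records in this zone; the TTL of the target's
                        ; A record is set by the dynamic DNS provider
@   IN SOA ns1.blah. hostmaster.blah. (
        2024010101      ; serial (constructed)
        3600            ; refresh
        600             ; retry
        604800          ; expire
        300 )           ; negative-cache TTL
@           IN NS    ns1.blah.
ns1         IN A     192.0.2.53     ; placeholder: address of the internal name server

; The alias asked about in the thread: something.blah follows whatever
; address something.dyndns.org currently resolves to, so no host object
; has to be edited when the remote IP changes.
something   IN CNAME something.dyndns.org.

; A CNAME cannot sit at the zone apex and cannot share its owner name with
; other records, so the alias must be a name below the zone, not "blah." itself.
```

Internal clients only see the alias if their queries reach the name server holding this zone.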
  • Hi,

     

    I am confused by the setup for DNS on my internal server, to make it do name resolution, so every time our staff would like to check or go to our system, it would be by name instead of the server IP.

     

    thank you for the help.

    appreciated 

    Von. 

  • Hi Von,

    Please give an example of what you want to happen.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi, can we continue this in the other thread you opened today?

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.