How to use DNS pool in NAT rule?

Hi

I am running Sophos UTM as the firewall management tool. The application is hosted in AWS.

We have a requirement to NAT the internet traffic to an AWS Network Load Balancer (NLB), and all traffic is required to use DNS names and not IP addresses.

The following is the traffic flow.

Internet Application -> Sophos UTM -> AWS NLB -> AWS EC2 instances (Application hosted).

I created a Network definition with the following details:

Name - QMFT-NLB-Pool

Type - DNS Pool

Hostname - qmft-test-edge.domain.name (resolves to 3 IPs)

When configuring the NAT rule, I am not able to use this DNS pool in the Action after the rule is matched.

Can you please help me to set up the DNS pool in the NAT rule?

Thanks

Varun



  • Hi Varun,

     

    As far as I know, it is currently not possible to set up NAT-rules with DNS-Pools. You have to set up a NAT-rule for each DNS-Server you configured in your Pool.

     

    Regards,

    Ole

  • Hi,

    Thanks for the reply.

    My application is hosted behind a load balancer for which the external traffic should be NATed. The load balancer has a DNS name and two IP addresses attached to it.

    So for such a requirement, is there any alternate solution available if Sophos cannot use a DNS group in NAT rules?

    Thanks

    Varun

  • Hi Varun and welcome to the UTM Community!

    As background for the following, see #3 through #5 in Rulz.

    As you may have guessed, this solution can't work for what you want to do.  If using the "QMFT-NLB-Pool" object in place of "External (Address)" doesn't accomplish your goal, please answer the following questions.

    Is the UTM in your location or is it in AWS?  What/where is "QuantasWiFi?"  Why would the clients in "QuantasWiFi" be going to your "External (Address)?"  What FTP client are they using?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA