This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DNS and DHCP

My local network is very naive.

I have no AD; just a bunch of 40 Windows 7 computers plugged into the physical network (with a couple of Windows 10 and Linux boxes as well).  There is no Windows server of any kind, and no DNS server aside from the Sophos box.

I have a SG310 between my local network and the general internet.  My DNS and DHCP configuration is thus:

  The address of the Sophos port to which my local network is connected is 192.168.1.1

  Network Services | DNS:
    Allowed networks = my local network = 192.168.1.0
    DNSSEC validation is checked
    DNS Forwarders are 8.8.8.8 and 8.8.4.4
    Not using forwarders assigned by ISP
    nothing else is configured

  Network Services | DHCP:
    The interface is set to be my local network
    The DNS server 1 is set to 192.168.1.1.
    The DNS server 2 is 8.8.8.8
    The default gateway is 192.168.1.1.

This is about as basic as it gets.  And I suspect that more people than are willing to admit it have a similar setup.

My question is: is this setup correct?  In particular, is the DNS configuration under DHCP correct?

I think that DNS server 2 of 8.8.8.8 is totally wrong, but before I take it away I would like a second opinion.



This thread was automatically locked due to age.
Parents
  • Hi Len and welcome to the UTM Community!

    I 100% agree with DKKDG.

    If you have any Request Routes or any ways of resolving FQFNs to local IPs, you will want to  disable DNSSEC.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Hi Len and welcome to the UTM Community!

    I 100% agree with DKKDG.

    If you have any Request Routes or any ways of resolving FQFNs to local IPs, you will want to  disable DNSSEC.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data