This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL VPN DNS Registration for remote workers

We use Sophos SSL VPN for our remote workers which works great except for one issue. When they connect they get a IP assigned to them from the "Virtual IP Pool". This does not update our internal domain DNS servers with their new IP address and worse yet it seems to give a different IP address each time they connect, unlike a typical DHCP server that will give the same IP address to the same client.

Most of the remote users are windows 10 workstations and I have played with the DNS registration settings on them trying to get them to update the DNS server but the workstations don't seem to update the DNS server when they get reconnected no matter what settings I use.

Anything I can do to make this work better? Not having their correct IP address registered in DNS means a lot of our automated tools for managing these workstations don't work because the only sure way to tell what IP address they are using is to look at the Sophos Admin page - Remote access list.

Dan

This thread was automatically locked due to age.

0 BAlfson over 3 years ago
Hey Dan - welcome back!

Take a look at a post I did earlier today. Depending on how you have DNS configured (DNS best practice), you might be able to use one of the following:

Use the first trick and then manually change the IPs in your domain server.

Another option with quasi-fixed SSL VPN pool IPs is to create Host objects in the UTM with fixed IPs and to assign them DNS hostnames.

Any luck with either of those or the NAT trick in the post I linked to?

Cheers - Bob
Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel