
Issues with internal domain name when using Web Protection

Hello.

I followed this best practice: https://www.sophos.com/en-us/support/knowledgebase/120283.aspx to set up my DNS using my AD DNS server as well. The issue I'm having now is that when I go to an internal webserver like http://system it won't work; I get an error from Sophos: "host not found". When I go to http://system.local.domain it works fine. I'm not sure why this is. Can anyone help/explain?

Thanks!



  • Add the "search domain" option to your UTM. Either way, you should bypass your proxy for your internal hosts as well.

    Web Protection - Filtering Options - Misc

    Search Domain - Search domain: You can add an additional domain here, which will be searched when the first DNS lookup returns no result ("NXDOMAIN"). Then, a second DNS request is initiated which appends the domain given here to the original hostname. Example: A user enters http://wiki, meaning to address wiki.intranet.example.com. However, the URL can only be resolved when you enter intranet.example.com into the Search domain field.

  • This is my preferred solution: appending the Search Domain within the Misc options of Web Protection resolves the issues many see when trying to access internal resources after implementing the device. In addition, it means that all traffic is accounted for rather than being bypassed/ignored.

    ==

    When in doubt, Script it out.
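
The search-domain fallback described in the replies above, as an added example that is not part of the original thread and not Sophos code: a simulated two-step lookup against a constructed zone shows why `http://system` fails at the proxy until a search domain is configured. The names `SAMPLE_ZONE`, `lookup` and `proxy_resolve` and the IP addresses are assumptions made for illustration.

```python
# Constructed sample records standing in for the AD DNS server (not real data).
SAMPLE_ZONE = {
    "system.local.domain": "10.0.0.15",
    "wiki.intranet.example.com": "10.0.0.20",
}


class NXDomain(Exception):
    """Raised when the simulated DNS server has no record for a name."""


def lookup(name, zone=SAMPLE_ZONE):
    """Simulated DNS query: the server answers only for exact names it holds."""
    key = name.lower()
    if key not in zone:
        raise NXDomain(name)
    return zone[key]


def proxy_resolve(host, search_domain=None, zone=SAMPLE_ZONE):
    """Resolve `host` in the order the Search Domain help text describes.

    Returns (queries_sent, address), with address None when every query
    ends in NXDOMAIN (the case the user sees as "host not found").
    """
    queries = [host]
    try:
        # Step 1: the name exactly as the user typed it.
        return queries, lookup(host, zone)
    except NXDomain:
        pass
    if search_domain:
        # Step 2: only after NXDOMAIN, retry with the search domain appended.
        candidate = f"{host}.{search_domain}"
        queries.append(candidate)
        try:
            return queries, lookup(candidate, zone)
        except NXDomain:
            pass
    return queries, None


if __name__ == "__main__":
    for host, domain in [("system", None), ("system", "local.domain"),
                         ("system.local.domain", None), ("wiki", "local.domain")]:
        print(host, domain, proxy_resolve(host, domain))
```

Because the second query is sent only after the first returns NXDOMAIN, a bare name that already resolves on the first query is never checked against the search domain.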