We have several endpoints which are not part of our domain, but do exist on another part of our network. We would like to have them update from our main Sophos server ("sophserv") as well as be managed by same. (Yes, all references will be sanitized lol.)
The other network is NAT'd to external addresses, and uses an external DNS. We have addressed this issue by adding in appropriate DNS entries. So, when on the other network, you can now ping the SEC by the name "sophserv.mycollege.edu".
I have done some reading on the forums about this issue. I believe our issue is with the mrinit.conf file which is being handed out by the "sophserv" server. When the server was initially set up, it wrote the following lines into mrinit.conf:
"MRParentAddress"="internal.non-routable.address,sophserv.internal.dns,sophserv"
"ParentRouterAddress"="internal.non-routable.address,sophserv.internal.dns,sophserv"
Unfortunately, none of those addresses will resolve externally from the "external" network. I've read about editing the registry on the client to use the -ORBDottedDecimalAddresses 0 and &hostname_in_ior=sophserv.mycollege.edu but it did not work.
I've also read:
I guess what I need to do is to set up a custom CID so I can have a testing area WITHOUT affecting production. (Actually, if this were the best approach, I'm good with these machines having their own "space".) Am I on the right track? I've been looking on how to create a custom CID (rights, etc) but haven't found a good article. Next, what would the steps be? For example:
1) create custom CID w/custom mrinit
2) create package referencing custom CID in #1
3) deploy package to test systems
4) test
I hope this was clear enough - if you have any questions or need clarification, please let me know.
This thread was automatically locked due to age.
