DNS NAT

Hi Roman,

let us examine what your are trying to do. NAT all DNS traffic, very good, but your firewall/NAT rule does not allow ping to your test will fail.

If you want to test your DNS rule using ping you will  need to add ping to it.

Ian

Sure, Ive been testing it adding ping to NAT policy - no positive result. "Request time out" ;)
So i should get responds while im pinging 8.8.8.8 Am I right ? Cuz with NAT implemented in XG i got a little bit confused ^^

Hi Roman,

you will also need the ping in the firewall rule.

A copy of my NAT rule, there is also a KBA on this subject.

Ian

So you are using this policy to NATing DNS traffic ? As I want ? -> if so its VERY weird from logical perspective as Sophos named it ^^

There is something wrong with my firewall rule. I changed it a week ago and since then it not working.

Now that you raise that question, the logviewer shows the traffic as still going to 8.8.8.8 even after going through the NAT rule.

I need to find the original document that I built the rule using that configuration.

Ian

Ok, well ill also try figure out how to solve it. But look a thos Video.

There is a short time where he shows how to do it.

FROM 5:30

Thank you for finding that video, that was part of what I was referring to and there should be a document showing step by step as shown in the video.

I think I saw it in the EAP which is no  longer accessible. I am seeing the redirects, just not the translation.

Hopefully one of the Sophos support staff will assist.

Ian

Thank you for finding that video, that was part of what I was referring to and there should be a document showing step by step as shown in the video.

I think I saw it in the EAP which is no  longer accessible. I am seeing the redirects, just not the translation.

Hopefully one of the Sophos support staff will assist.

Ian