Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 1 reply
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 1045 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG - SSL VPN - block-outside-dns

Mokaz

Hi all,

Just making some testings on the v18 XG. I can't seem to work out a working SSL VPN remoe access configuration that would prevent all end point external DNS requests but the XG SSL VPN server pushed "internal" DNS server.

My rules are working, resolution towards the internal server from a road warrior end point works --> nslookup www.ibm.com 172.16.16.16

Although, Windows boxes will still use the previous SSL VPN connection establishment locally set DNS server, in fact what I'm looking for is the OpenVPN block-outside-dns parameter.
Is this available?Is this possible?

I'm currently using the Sophos SSL VPN client, will try with the OpenVPN fat client as a manual block-outside-dns injection within the .ovpn file didn't work with the Sophos fat client.

Let me know,
Cheers,
M.



This thread was automatically locked due to age.
Parents
  • 0

    Okay the OpenVPN fat client (2.4.9 something) accept the block-outside-dns parameters on Fund0ws 10 boxes. My DNS requests from an OpenVPN fat client equipped road warrior are now geared the to XG internal server.

    Frankly, what's the purpose of an SSL VPN if the local ISP is leaked with all your DNS requests ??

    Anyways, could move on.

    Thanks,
    M.

Reply
  • 0

    Okay the OpenVPN fat client (2.4.9 something) accept the block-outside-dns parameters on Fund0ws 10 boxes. My DNS requests from an OpenVPN fat client equipped road warrior are now geared the to XG internal server.

    Frankly, what's the purpose of an SSL VPN if the local ISP is leaked with all your DNS requests ??

    Anyways, could move on.

    Thanks,
    M.

Children
No Data