Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 23 replies
  • Answers 1 answer
  • Subscribers 31 subscribers
  • Views 2749 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos DDNS service is not updating the IP

Xebato

Hello,

I have Sophos XG106 Firewall connected to VDSL line using the PPPOE and getting a dynamic public IP address. Since yesterday I have noticed the Sophos DDNS is not updating the IP.  The service is seems to be running and in the logs I see the correct IP been updated every 5 minuts. However when I do ping or nslookup for the hostname I see always the old IP. I have configured no-ip.com account and it is currecntly working fine.

XG106_XN01_SFOS 18.0.3 MR-3# service -S|grep dn
dnsd RUNNING
fqdnd RUNNING

My questions are:

- have any one else problem with Sophos DDNS ? 

- Is there other commands to check the Sophos DDNS service ?

- How I can know if the DDNS service is running on the Sophos side ? is there a website to show the DDNS service availability (like user portal) ?

Best Regards,

Xebato



This thread was automatically locked due to age.
  • 0

    I'm also using no-ip. Just logged in to their website and see the last update was almost 12 hours ago. XG log tells there are updates every 5 minutes.

    Not sure if this is coincidence, but around the time the last update took place according to noip website was also just after the time that we had some planned downtime where also the internet connection was briefly disconnected (while XG kept running).

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

  • 0

    HI

    Yes we are experiencing the same problem. Using a XG106 on MR4. Restarted and waited a few minutes.  It does show the update was successful but it did not sync/propagate to other DNS servers.

  • 0

    Update .. I have did a new test on a nother Firewall (XG210), if you try to create a new DDNS hostname , the new hostname will be created but never will be bindend with your public IP address. I guess  the DDNS service is not working fine. More info has to be provided from Sophos support . waiting their feedback.

    Best Regards,

    Xebato

  • 0 in reply to Xebato

    You need to create the new ddns hostname on the no-ip website first before you can use and succesfully update it....

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

  • 0 in reply to apijnappels

    The no-ip was only an example that DDNS service is working fine on the Firewall. However I would like to know if Sophos DDNS service is working fine . Can you please test the Sophos DDNS and share your result.

    Best Regards,

  • 0 in reply to Xebato

    Hi

    I just tested FreeDNS and that is working fine.  Sophos DynDNS is not working

  • 0 in reply to Karel Holtzhausen1

    Hi Karel, Thanks for the confirmation, I believe the problem is related to the large maintenance that is currently running. I am not sure what are the other affected services.

    Best Regard,

  • FormerMember
    0 FormerMember in reply to Xebato

    Hi ,

    I tried to replicate this issue in my LAB, but I was able to configure DDNS using Sophos service. 

    Could you please replicate the issue and collect the following logs from your firewall. 

    SSH into the XG firewall by following this KBA: Sophos XG Firewall: How to SSH to the firewall using PuTTY utility

    • To connect using SSH, you may use any SSH client to connect to port 22 of the SFOS device.
    • Select option 5 Device Management.
    • Select option 3 Advanced Shell.

    Run the following command to collect syslog: tail -f /log/syslog.log 

    You also need to put the CSC service in debugging and collect csc logs. 

    Run the following command to put the csc service in debug: csc custom debug

    Note: Run the same command to remove the service from debugging. 

    Run the following command to collect csc logs: tail -f /log/csc.log 

    Send these logs to me via PM. 

    Thanks,

  • 0 in reply to FormerMember

    Hello Harsh, Thanks for your answer.  I can also create a new hostname successfully but will never be bindend with the public IP. I will send you now the requested logs.

    Best Regards,

    Xebato

  • 0

    Just to show you are not the only one, I am experiencing the same issue on my System