Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 37 replies
  • Answers 2 answers
  • Subscribers 28 subscribers
  • Views 3402 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

dynamic dns issue

ChriZathens

Hello guys!

Long time UTM user, absolute newbie when it comes to XG..Anyway..

I need one specific thing. I have 3 dynamic dns hostanames. And one internal webserver. e.g. 10.10.10.1

I need to use WAF and redirect first.dyndns.com to 10.10.10.1 (port 80)

then second.dyndns.com to 10.10.10.1:8090

and finally third.dyndns.com to 10.10.10.1: 9090

Can someone share an example of how to use this dyndns hostname to redirect to an internal ip on port 8096?

I tried many combinations and they all redirect to 10.10.10.1 (port 80)

The webui, being noticably slower than the one of the UTM's, makes things even harder. Disappointed



This thread was automatically locked due to age.
Parents
  • 0

    How did you resolve this on UTM? 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    What do you mean?

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
  • 0 in reply to LuCar Toni

    So how can it be used as a reverse proxy? Only with path specific routing? 

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
  • 0 in reply to ChriZathens

    You tested several ways. And as your results, it seems not to work based on FQDNs. Therefore you cannot do your setup. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    I see what you mean.. But the thing is that it is accepting FQDNs in the firewall rule and looking at the documentation I cannot understand that this is not supported..

    XG was supposed to be one step up in the reverse proxy rule compared to UTM. Is it really one step back? What I mean is, are we sure that there is not something wrong in my software setup?

    Do you have some inside info perhaps? Is this something that is going to be fixed in a later release?

    Thanks a lot man!

    EDIT: Do you think I should create a new post describing exactly this and asking for verification that it can actually be done?

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
  • 0 in reply to ChriZathens

    It could potentially work, if you define the domain per WAF Rule. 

    So this should work, and separate the Domains like UTM did. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Thanks for taking time trying to help me !

    I think I have already tried this but it does not hurt to give it another try, I guess

    I will post back

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
  • 0 in reply to ChriZathens

    Quick reply..Did it

    Nope as a first try it is not working.. Both FQDNs forward to port 80 of the server. Did it actually work for you in your tests?

    However as a workaround I had created some NAT rules that might interfere (?) Those two are the two first ones, though..

    I will try more and perhaps later do as I mentioned above and try to create a new post to explain what I need to do and ask if it is doable... If you have any other ideas, they are welcome!

    I really appreciate your help!

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
  • +1 in reply to ChriZathens

    DNAT will grap the traffic of the WAF. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    OK, so it will interfere..BUT I disabled all related NAT rules and I still get the same result... 

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
  • 0 in reply to ChriZathens

    Then it seems not to be supported on SFOS. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Nevertheless I will try my luck getting an "official" answer (from the support maybe?)

    I will create a detailed post to describe the situation and see what I get. I really can't believe that it is not working. It was a piece of cake with the UTM...

    I really feel at this point that my decision to drop it and go to XG has dropped me a few steps backwards..

    I will admit, though, that working with web policies is much better in XG.. now, detailed reporting, live internet usage and other staff that are missing from XG is a different discussion, but about those I knew and expect to be added/improved  in the future..

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
Reply
  • 0 in reply to LuCar Toni

    Nevertheless I will try my luck getting an "official" answer (from the support maybe?)

    I will create a detailed post to describe the situation and see what I get. I really can't believe that it is not working. It was a piece of cake with the UTM...

    I really feel at this point that my decision to drop it and go to XG has dropped me a few steps backwards..

    I will admit, though, that working with web policies is much better in XG.. now, detailed reporting, live internet usage and other staff that are missing from XG is a different discussion, but about those I knew and expect to be added/improved  in the future..

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
Children
  • 0 in reply to ChriZathens

    Sophos Support is not involved for Home User. 

    For the future, such concepts are ZTNA concepts. But this is not available for Home users. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Yes I understand I am a home user, but I don't want them to "support" me.. Just an answer whether this can be done or not..

    LuCar Toni said:
    For the future, such concepts are ZTNA concepts.

    What do you mean?

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
  • 0 in reply to ChriZathens

    www.sophos.com/.../zero-trust-network-access

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Thanks for the link.. makes sense I guess..

    I figured you were referring to zero trust na, but thought it was irrelevant to my case, so I thought perhaps you were referring to something else after all.

    Because I didn't know that sophos has ztna as an additional "module ".

    Business wise it makes sense I guess with the covid situation and remote workers everywhere. 

    Thanks again. I will still create a post about this in order to perhaps get a definite answer. Even a plan for a future release enhancements will be a good outcome..

     
    Sophos XG Home Licence.

    Machine: Barracuda F12 appliance (Intel Celeron N3350 CPU, 6GB Ram, 80GB sata SSD)
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?