Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 1 reply
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 489 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DNS Request route (Bind on Interface or Subnet Listener]

Valvaris Sigma

Hello Sophos-Community,

this would be great to have on the DNS Controlling side of things. The feature in question is DNS Request Route!

My Scenario would be multiple DNS Servers Public or Local with some subnets not having to hit the DNS Request Route.

Example:

Company Laptop on Company Interface1 -> shop.test.de ---> Sophos DNS Request Route ----> DC (Internal DNS DE Zone) test.de = OK 

Guest Laptop on Guest Interface2 -> shop.test.de ---> Sophos DNS Request Route ---> DC (Internal DNS DE Zone) test.de = FAIL

On both the Sophos Appliance is the primary DNS Server

But on the Guest Laptop everything that wants to go to "test.de" FAILs because of the DNS Request Route. So, if the listener could only be bound to the Subnet / Interface1 this issue would not be the case.

This also goes for companies that have Active Directory Server with a Routable Domains (.com .de and so on...) <--- WHY???? 

Many thanks in advance

Val.



This thread was automatically locked due to age.
  • 0

    Works for me. If a domain is requested, which have a request route, the request is forwarded.

    Do "other" domains work from guest notebook? Try nslookup (browser may use other ways to resolve domain names)

    Do you have allowed DNS-requests to XG from guest networks zone within "device access" .. Otherwise, DNS-request-routes don't work too.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Unfiltered HTML