Internal DNS issues

First time poster, so please go easy on me :)

So here is my issue: I have set up my new XG and am loving it so far, but I am having issues with internal DNS.

I.e. if I ping server.(internaldomain).net it resolves to an outside IP (198.105.244.69), and this is not limited to this one system.

However, if I just ping "server" then I get the correct local IPv6 or IPv4 address.

Here is the general config of my network.

LAN: 172.16.0.0/23 with local domain info

WAN: static from ISP

DNS IPv4: ISP DNS SERVER #1
          ISP DNS SERVER #2
          GOOGLE (8.8.8.8)

Now, what I have tried and what has failed:

I have made changes to the DHCP options and made the XG the LAN DNS > didn't change anything

Added a wildcard domain in the DNS routing (*.localdomain.net), no change :(

Added FQDNs for specific systems ("server.localdomain.net") in the DNS host entry ---- That would be a negative, ghostwriter

I have also tried adding an IP Host (Objects > Hosts and Services > IP Host), no luck.

I have looked at the XG admin guide and there isn't any mention of this config type, so I suspected it was one of those magical configs where it just works.

I would rather not have to spin up another box to be a DNS server when this is quite capable of doing so.

Any input / advice on how to fix this would be great. Thanks

  • Chris,

    welcome on board. To route all your DNS requests (*.test.local) you have to create a DNS Request Route under System > Network > DNS.
    Here add your local domain and who can resolve DNS queries.

    Luk

  • Thanks for getting back to me.
    So I attempted to do what you said and I learned more. However, that was not a fix: adding a DNS request route looks like, if I were going to run a DNS server on the local LAN (trying to avoid that), then I would use that internal server as a "target", but you cannot bind a domain name to an interface in this menu. Am I misunderstanding something? Thanks
  • OK, so I have found either a fix or a work-around. Just posting for others if they encounter this issue.
    What I did was go into your DHCP scope options; in there, there is a section for "use device DNS". Uncheck that box and point DNS to the IP of your XG, in my case it was 172.16.0.1.
    Then you have to do the tedious process of manually adding all of the entries by hand:
    Go to System > Network > DNS, "DNS host entry", and add the hosts you want/need.
    And do make sure to check the box for reverse lookup.

    Take about a five-minute break, come back and test your pings. TADA
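
As an added example (not code from the thread, from Sophos or from the poster), here is a small Python check a LAN client can run after the DHCP and host-entry changes described above. It verifies that each internal name resolves into the 172.16.0.0/23 LAN, that the reverse lookup the host entry was supposed to publish exists and points back at the same name, and that a name which cannot exist under the internal domain gets no answer at all. The last check is how to tell a genuine missing host entry apart from an upstream resolver that answers unknown names with a public address, which is one common cause of the symptom in the first post. The domain localdomain.net, the sample hosts and the canary name are constructed placeholders; the `live_forward`/`live_reverse` helpers use the OS resolver so the same checks can be run for real.

```python
import ipaddress
import socket

# LAN prefix from the thread; the internal domain is a constructed placeholder.
LAN = ipaddress.ip_network("172.16.0.0/23")
INTERNAL_DOMAIN = "localdomain.net"

# Constructed sample answers standing in for a resolver:
#   "server"  has a correct XG host entry with reverse lookup enabled,
#   "nas"     still leaks to the upstream resolver, which returns a public IP,
#   "printer" has a host entry but the reverse-lookup box was not ticked.
SAMPLE_FORWARD = {
    "server.localdomain.net": ["172.16.0.10"],
    "nas.localdomain.net": ["198.105.244.69"],
    "printer.localdomain.net": ["172.16.0.20"],
}
SAMPLE_REVERSE = {
    "172.16.0.10": "server.localdomain.net",
}


def lookup_forward(name, table=SAMPLE_FORWARD):
    """Return the A records for name from the sample table, [] when there is no answer."""
    return list(table.get(name, []))


def lookup_reverse(ip, table=SAMPLE_REVERSE):
    """Return the PTR name for ip from the sample table, None when none is published."""
    return table.get(ip)


def live_forward(name):
    """Real lookup through the OS resolver (whatever DHCP handed this client)."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except socket.gaierror:
        return []


def live_reverse(ip):
    """Real reverse lookup through the OS resolver."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except socket.herror:
        return None


def check_host(name, forward, reverse, lan=LAN):
    """Return a list of findings for one internal name; an empty list means it is fine."""
    addrs = forward(name)
    if not addrs:
        return [f"{name}: no answer; no host entry on the XG and upstream knows nothing"]
    findings = []
    for addr in addrs:
        ip = ipaddress.ip_address(addr)
        if ip not in lan:
            # A public address for an internal name means the query left the LAN.
            findings.append(f"{name}: {addr} is outside {lan}; the query reached an upstream resolver")
            continue
        ptr = reverse(addr)
        if ptr is None:
            findings.append(f"{name}: no PTR for {addr}; reverse lookup not enabled on the host entry")
        elif ptr.rstrip(".").lower() != name.lower():
            findings.append(f"{name}: PTR for {addr} is {ptr}, not {name}")
    return findings


def check_canary(forward, domain=INTERNAL_DOMAIN):
    """A name that cannot exist must get no answer; an address means upstream synthesises records."""
    name = f"nxdomain-canary-7f3a.{domain}"  # constructed, never configured anywhere
    addrs = forward(name)
    if addrs:
        return f"{name}: unexpected answer {addrs}; upstream resolver rewrites NXDOMAIN"
    return None


def audit(hosts, forward=lookup_forward, reverse=lookup_reverse, lan=LAN, domain=INTERNAL_DOMAIN):
    """Run every check; returns {name: [findings]} plus a 'canary' key for the NXDOMAIN test."""
    report = {h: check_host(h, forward, reverse, lan) for h in hosts}
    canary = check_canary(forward, domain)
    report["canary"] = [canary] if canary else []
    return report


if __name__ == "__main__":
    # Offline run over the constructed sample; pass live_forward/live_reverse on a real LAN client.
    for name, findings in audit(list(SAMPLE_FORWARD)).items():
        print(name, "OK" if not findings else findings)
```

On a real client, call `audit(["server.localdomain.net", ...], live_forward, live_reverse)` with your own domain; a non-empty `canary` result means the forwarder, not the XG host entries, is producing the public addresses.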

  • Chris,

    this is a good solution if you have few servers and you do not need advanced DNS features.

    Good to know you resolved your issue. [;)]

    Luk

  • We have a very big problem... I need to pass the DNS queries to my internal nameserver (ns2.ardanet-systems.com). I tried everything but I can't get this working. The queries can't pass the WAN...

    This is because I have, behind the XG, a webhosting (cPanel & nameserver: ns1.ardanet-systems.com) and a second nameserver (cPanel DNSOnly: ns2.ardanet-systems.com)

                                                      +-----------+        +----------------------------------------------+
                                                      |           |        |                                              |
                                                      |           +--------+ ns2.ardanet-systems.com (DNSOnly)            |
                                                      |           |        |                                              |
           +------------------------------+           |           |        +----------------------------------------------+
           |                              |           |           |        +----------------------------------------------+
    +------+ Sophos XG (88.12.41.205)     +-----------+           |        |                                              |
           |                              |           |           +--------+ mail.ardanet-systems.com MX 0                |
           +------------------------------+           |           |        |                                              |
                                                      |  Switch   |        +----------------------------------------------+
           +------------------------------+           |           |        +----------------------------------------------+
           |                              |           |           |        |                                              |
    +------+ pfSense (90.74.128.121)      +-----------+           +--------+ ns1.ardanet-systems.com (cPanel)             |
           |                              |           |           |        |                                              |
           +------------------------------+           |           |        +----------------------------------------------+
                                                      |           |        +----------------------------------------------+
                                                      |           |        |                                              |
                                                      |           +--------+ Other Servers...                             |
                                                      |           |        |                                              |
                                                      +-----------+        +----------------------------------------------+

    Does anyone have an idea how to resolve this problem?

    Thanks in advance

    Best regards