Sophos UTM + AWS ELB: Host Group definition is still pointing to an ELB IP which was removed.

Using Sophos UTM 9, for Web Server Protection.

- AWS Internal ELBs configured as DNS Host in the Real WebServer

- Followed the steps in the link below for the DNS Host Group definition to enable discovery of the ELB's multiple IPs.

https://community.sophos.com/kb/en-US/123999

- Issue is when the ELB has a scale-down event: those IPs which are no longer attached to the ELB are still cached in the DNS Host Group definition.

- Followed the steps in the DNS best practices URL below and the issue still persists.

https://community.sophos.com/kb/en-us/120283

- Tried "Flush Resolver Cache Now"; the Host Group is still not updated.

- Looked into the following thread and didn't find a verified working solution.

https://community.sophos.com/products/unified-threat-management/f/57/t/10924

Any inputs or advice on this please.
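A quick check that is useful while troubleshooting this kind of drift, added here as an example and not code from the original poster or from Sophos: resolve the ELB name the way the UTM would and diff the answer against the IPs the DNS Host Group currently holds. AWS publishes ELB A records with a short (60-second) TTL, so anything the UTM still lists that DNS no longer returns is stale. The hostname and the cached IP list below are constructed placeholders; `resolve_ipv4` does a live lookup, while `diff_host_group` is the pure comparison you can feed with IPs copied from the WebAdmin definition.

```python
"""Compare a cached DNS Host Group against a live resolution of an ELB name.

Example added to this thread; it is not part of Sophos UTM and does not
touch the UTM itself. The hostname and cached IP list are constructed.
"""
import socket
from dataclasses import dataclass


@dataclass(frozen=True)
class HostGroupDiff:
    stale: frozenset    # still in the cached Host Group, no longer returned by DNS
    missing: frozenset  # returned by DNS but not yet in the Host Group
    current: frozenset  # present in both


def resolve_ipv4(hostname):
    """Return every IPv4 address currently returned for hostname.

    Returns an empty set on lookup failure instead of raising, so a
    transient DNS error is reported as 'everything missing' rather
    than crashing a periodic check.
    """
    try:
        infos = socket.getaddrinfo(hostname, None, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return frozenset()
    return frozenset(info[4][0] for info in infos)


def diff_host_group(cached, resolved):
    """Diff the IPs a Host Group holds against what DNS answers right now."""
    cached, resolved = frozenset(cached), frozenset(resolved)
    return HostGroupDiff(
        stale=cached - resolved,
        missing=resolved - cached,
        current=cached & resolved,
    )


def needs_refresh(diff):
    """True when the Host Group no longer matches the ELB's current IPs."""
    return bool(diff.stale or diff.missing)


def report(hostname, cached):
    """Resolve hostname live, diff against cached, and return a printable summary."""
    diff = diff_host_group(cached, resolve_ipv4(hostname))
    lines = [f"Host Group for {hostname}:"]
    lines += [f"  stale (scaled down, remove):  {ip}" for ip in sorted(diff.stale)]
    lines += [f"  missing (scaled up, add):     {ip}" for ip in sorted(diff.missing)]
    lines += [f"  current:                      {ip}" for ip in sorted(diff.current)]
    lines.append("  refresh needed" if needs_refresh(diff) else "  in sync")
    return "\n".join(lines)


if __name__ == "__main__":
    # Constructed placeholders: an internal ELB name and the IPs the UTM
    # Host Group was last seen holding (e.g. copied from WebAdmin).
    ELB_NAME = "internal-example-123456789.eu-west-1.elb.amazonaws.com"
    CACHED_IN_UTM = ["10.0.1.10", "10.0.2.10", "10.0.3.10"]
    print(report(ELB_NAME, CACHED_IN_UTM))
```

Run it from a host in the same VPC (an internal ELB only resolves inside AWS) each time you suspect a scale-down; if the stale set is non-empty after "Flush Resolver Cache Now", the resolver cache was not what was holding the old address.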

  • Hi, and welcome to the UTM Community!

    That DNS article was plagiarized from my post DNS best practice.  I don't know if they maintain that article as often as I maintain my post with suggestions from others here, so you might want to check that.

    I'm not sure where the blue smoke has escaped the box, but I agree that clearing the cache should force DNS Host and DNS Group definitions to grab the new IP(s).  I know I've made it work by clearing the cache and then editing and saving the definition, but I haven't had to do that often enough to know if it will work for you.   Please let us know.

    Cheers - Bob