I have the following host definition (mysite.com is being used as a substitution for the real FQDN):

and the following DNAT:
...
Rule type: DNAT
Traffic from: ANY
Using service: 80, 443
Going to: External WAN (public IP address of FQDN)
Change destination to: mysite.com host (pictured in the image above)
...
With this setup, everything works fine. Local users and external users can access the domains listed in the network definition above.
The issue I have encountered is that I have another subdomain (info.mysite.com) that I cannot access from the internal network unless I remove the DNS host name "mysite.com" from the network definition that is pictured above. Of course, if I do that, internal users can no longer access 'mysite.com'.
I cannot set a static record for 'info.mysite.com' in Sophos because it is hosted externally and it has a dynamic public IP address.
Why does having "mysite.com" defined in the network definition cause 'info.mysite.com' to be unresolvable for internal users?
When using nslookup on an internal PC, I get the following: "Unknown can't find info.mysite.com: Non-existent domain". If I change the PC's DNS server from Sophos to a public one (e.g., 8.8.8.8), 'info.mysite.com' is accessible from that PC. I also flush the resolver cache on both the Sophos unit and the PC every time I make a change.