Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 2 subscribers
  • Views 3627 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

FQDN to LAN forward

gosheto
Hi,

On UTM9 I have two interfaces:
eth0 - External (WAN) with example IP - 78.78.78.78
eth1 - Internal - 192.168.100.1/24

I have domain (example mynet.com), managed by (example GoDaddy)  with several DNS entries .. example:

mynet.com - A record to 78.78.78.78 (my eth0 IP)
pc1.mynet.com - A record to 78.78.78.78
pc2.mynet.com - A record to 78.78.78.78

How to configure UTM to forward every subdomain to different IP in eth1 network?

For example:

pc1.mynet.com -> All ports [redirect to] -> 192.168.100.5
pc2.mynet.com -> All ports [redirect to] -> 192.168.100.7
 
And when request https://pc1.mynet.com:12345 UTM to pass request and answer from https://192.168.100.5:12345


Thank you in advance!


This thread was automatically locked due to age.
  • 0
    Hi, if you only have 1 external IP, it is impossible to forward all ports to different devices.

    However, you can use the WAF (WebServer Protection) to forward HTTP/S traffic to different devices using the domain name.

    HTTP sends the hostname in the HTTP headers; most other IP traffic does not so proxying to different devices is impossible.

    Barry
  • 0
    Hi, gosheto, and welcome to the User BB!

    Barry's right (as usual [;)]) - why do you want to forward all ports?

    Is this a home-use scenario, or do you have a paid license?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Hi,

    thanks for reply!
    This is home-use scenario.
    I have small lab (few ESXi hosts) and need to assign each host and Virtual machines inside host with FQDN to access them from internet. Sophos UTM is installed as appliance inside ESXi and is used for default gateway, DHCP, firewall ... for all virtual machines. Sophos and ESXi have real IP, but i`m limited to 5 real IP addresses from my ISP and research for solution to access virtual machines from internet directly. I have registered TLD domain and point DNS A records to Sophos UTM IP address.
  • 0
    Add the fixed, public IP to the External interface as Additional Addresses.  Then, you can make a DNAT rule to redirect all ports for each Additional IP to one VM.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?