Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 2 subscribers
  • Views 10718 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Local DNS server published Sophos UTM

AlexeyShevelev

good afternoon. I apologize for the broken English. customizable products and came across the problem of the publication of the local DNS and mail server respectively to be the exact same problem. How can I publish a DNS port on a particular server? on TMG 2010 I had no such problem. thank you in advance. did as there www.sophos.com/.../115145.aspx



This thread was automatically locked due to age.
  • 0

    It's not clear to me what you're trying to accomplish...

    Do you want to make your internal DNS server publicly available for everyone?

    Can you show a screenshot of your DNAt rule in edit mode?

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
  • 0
    I'm very unclear as well why you would want to open up your Internal DNS to the outside world as well. Generally speaking, not something you'd want to do under normal circumstances.

    That being said, here's what a DNAT should look like:


    Matching Condition
    For traffic from: Internet IPv4
    Using service: DNS
    Going to: External (WAN) (ADDRESS)

    Action
    Change the destination to: Host definition for your internal server
    And the service to: leave blank

    Check the box for automatic firewall rule. Save the DNAT, then toggle the status switch to turn the rule on.
    __________________
    ACE v8/SCA v9.3

    ...still have a v5 install disk in a box somewhere.

    http://xkcd.com
    http://www.tedgoff.com/mb
    http://www.projectcartoon.com/cartoon/1
Cookie Information Banner