Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 2 subscribers
  • Views 489 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DNAT can't specify interface

supine
We have an ASG and are doing multipath. We want to DNAT outbound DNS packets so that when the default route changes name resolution will continue to work (ISP A's name servers won't answer queries from ISP B's IPs).

However, you can't specify an 'out' interface in the NAT rules. I've read that you can work around this by the DST object being bound to an interface. However this didn't seem to work, 'out' was still 'any'.

Any other ideas?


This thread was automatically locked due to age.
Parents
  • 0
    The resolution suggested by (BarryG? BruceKConvergent?) is to use a public DNS service like OpenDNS.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    The resolution suggested by (BarryG? BruceKConvergent?) is to use a public DNS service like OpenDNS.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Cookie Information Banner