Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 2 subscribers
  • Views 4177 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Internal Server from internal network with DNAT

guawhitehawk
Hi,

we have the following needs:

We want to be able to access an externally avilable service (api.example.com) from the internal servers whereas the external service is a NAT-SLB (Server Load balancing) and the the internal servers handling this services are on the same subnet, so we ran into the problem that the answer is not rerouted through the NAT. There is a solution: UTM: Accessing Internal or DMZ servers from Internal Networks using DNAT

The problem i see. When using the No. 1 DNS solution (which would work for us) we loose the ability to internally load balance that service.

Is there any way to also load balance this traffic internally???


This thread was automatically locked due to age.
Parents
  • 0
    You could just enter a DNS host or an Availability group as the destination (instead of a static single Host).
    I think the DNS Host should load balance, whereas the Availability group does only route to the first available host in the group if I recall correctly.

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

Reply
  • 0
    You could just enter a DNS host or an Availability group as the destination (instead of a static single Host).
    I think the DNS Host should load balance, whereas the Availability group does only route to the first available host in the group if I recall correctly.

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

Children
Cookie Information Banner