Split-DNS and RED15

We are using a RED15 in Standard/Unified Mode. It connects up with our SG 125 fine and we can access MOST things. We can access the Internet, DNS is working, able to access Shares, etc., but for some reason we can't access some servers we have set up via Split-DNS (RDS and Exchange).

I'm unable to Ping the IPs in Split-DNS whereas I can Ping other IPs on our network fine. I'm unable to use Remote Desktop to get to the servers in the Split-DNS or access anything else on them (i.e. Shares, Services). Anything (PCs/laptops/etc.) that isn't behind the RED15 is able to access everything in Split-DNS, so I don't believe we have anything set up incorrectly from that "side".

I feel like it should be something simple but I've been able to figure it out. I'm willing to start from scratch and take any recommendations from the Community.

I hope I've included enough information for at least a starting point.

Thank you for your time.



  • I wasn't seeing any DNS traffic generated when I tried to just use Remote Desktop (no DNS traffic even to a Server I know I can get into) so I just did some NSLookups. I have attached the file with that traffic.

    One thing I did think about. The couple of servers I'm having trouble accessing are virtual machines on Hyper-V. I'm able to access the Hyper-V Hosts okay but not the virtual machines themselves.

  • Ryan, try making a static route in the UTM to the subnet of the VMs - I bet you have a virtual switch in there that the UTM doesn't have a route for.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Do you have any pointers on how the Static Routes need to be set up? I haven't been able to make it work.

  • "Current Topology:

    "Client<-->[RED15]<-->[Cable Modem]<--Internet-->[Cable Modem]<-->[UTM]<-->Internet Network"

    What private IP is on the Client?  Where is the subnet with the DNS server?  What does a failed ping look like?

    Cheers - Bob

  • That is our current Topology

    Private IP is 192.168.30.130

    Subnet with the DNS Server is 192.168.10.XXX

    A failed ping comes back as "Request timed out"