Can ping IP over VPN but Can not Ping Hostname

Dear All,

I created an IPsec VPN between Sophos UTM 9 and Draytek 5510. I can ping by IP normally but cannot ping by hostname from either side??!!

And I created another IPsec VPN between Draytek 5510 and Draytek 5300, and I can ping by IP and by hostname from both sides??!!

So what's wrong?


  • Someone would need to see the actual public IPs, the configuration and the FQDN, so you should ask your reseller to submit a ticket to Sophos Support.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • If your VPN is configured correctly and you are only able to ping on IP and not on hostname, then it's most likely name resolution that fails.

    If you try: ping hostname

    usually a NetBIOS broadcast message is put on the LOCAL LAN asking all clients to respond if it's their name.

    If you have a working DNS server that acts over the boundaries of the VPN and the domain names on both sites are equal, it should work, since there would also follow an automatic search for hostname.domainname.tld

    The NetBIOS broadcast will not travel to other subnets, whereas the DNS request will.

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

  • Dear All, thanks for the reply.

    First, I am using the Sophos UTM 9 free edition with 50 users only, so I do not have a partner to check with, and I don't have any DNS server in my network, so any idea??
  • If you don't have DNS then your clients cannot resolve to other location on hostname.
    The only thing you can do is to add the clients from the other location in the HOSTS file of all the clients that need to access them but this is not an environment that is manageable easily because it has to be modified on all the clients separately with every change.

    You could also manually add the clients to the UTM and use the UTM as DHCP-server, but I think it doesn't support dynamic updating so you would have to manually manage these entries.

  • OK, I added a server in Sophos UTM with hosts, but I still can ping by IP address only. When I ping from either side of the established IPsec VPN between Draytek 5510 and Draytek 5300, I can ping by IP and hostname normally, but with the IPsec VPN which is established with Sophos I can ping by IP address only; it cannot resolve the hostname. :(
  • If you add all the hosts as static host entries in Sophos UTM then all your clients (also on the other side of the connection) should use Sophos as DNS-server. But if your VPN goes down, then these clients wouldn't be able to resolve anything.

    The only remedy for that when not using "real" DNS-servers is by using the HOSTS files on every single machine and make entries for every other machine in there.

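
The HOSTS-file approach from the replies above becomes easier to maintain if the remote-site entries live in one marked block that is regenerated on every change. The following is an added example, not part of the original thread: the marker text, hostnames and addresses are constructed placeholders, and the function only transforms text, so writing the result to each client's hosts file is left to the administrator.

```python
import ipaddress
import re

BEGIN = "# BEGIN remote-site hosts (managed)"  # hypothetical marker text
END = "# END remote-site hosts (managed)"
# RFC 1123 label: letters, digits, hyphens; no leading or trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def render_block(entries):
    """Build the managed block from {hostname: ip}; reject malformed input."""
    lines = [BEGIN]
    for name, ip in sorted(entries.items()):
        ipaddress.ip_address(ip)  # raises ValueError on a bad address
        # fullmatch stops whitespace or newlines from smuggling in extra entries
        if not all(_LABEL.fullmatch(label) for label in name.split(".")):
            raise ValueError(f"invalid hostname: {name!r}")
        lines.append(f"{ip}\t{name.lower()}")
    lines.append(END)
    return lines


def merge_hosts(existing_text, entries):
    """Return hosts-file text with the managed block replaced or appended.

    Lines outside the markers are preserved, so a rerun with a changed
    entry list rewrites only the managed block.
    """
    kept, inside = [], False
    for line in existing_text.splitlines():
        if line.strip() == BEGIN:
            inside = True
        elif line.strip() == END:
            inside = False
        elif not inside:
            kept.append(line)
    while kept and not kept[-1].strip():
        kept.pop()  # drop trailing blank lines before re-appending the block
    return "\n".join(kept + [""] + render_block(entries)) + "\n"


# Constructed sample data: hostnames and addresses are placeholders.
SAMPLE_HOSTS = "127.0.0.1\tlocalhost\n"
REMOTE_SITE = {"fileserver": "192.168.20.10", "printer01": "192.168.20.25"}

if __name__ == "__main__":
    print(merge_hosts(SAMPLE_HOSTS, REMOTE_SITE), end="")
```
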