Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 1 subscriber
  • Views 2551 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

different DNS/DHCP in Remote Access

NvA
Hi,
we use SSL-VPN on our UTM 9.2 for different local nets for different customers.

Is it possible to use different DNS/DHCP ranges and settings (including domain names) as configured in  Settings and assign it to different SSL-VPN profiles?

Is there an other and quicker solution as to vote this some years old feature request:
VPN: Split DNS for SSL VPN Clients

Regards
Nathan


This thread was automatically locked due to age.
  • 0
    Nathan, what is the underlying problem that you're trying to address with your suggested solution?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Hi Bob,
    thank for your interest.

    We admin 5 customers on our ASG320, each with separate network settings on LAN and VLAN adapters and own servers and domain controller.

    Some members use SSL-VPN from HomeOffice or mobile devices.
    I can separate them with different profiles, user/groups and firewall settings.

    But I can configure just settings for one DNS, WINS, Domainname for all profiles, that may have different requirements. 

    My idea is to combine the DHCP settings with a SSL-VPN profile, but I can't use this as interface.

    I'm using Remote Access and the SSL-VPN client.
    Is it possible to use Site-to-Site-VPN with SSL-Client as Remote Access to do this?

    thank a lot
    Nathan
  • 0
    Nathan,

    Why not use the built-in DNS, assigning a Request Route for each of their internal domains?  With your firewall rules in place, you should have no crossover.  Can that work, or is that what you're doing now?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Hi Bob,
    I use Network Services / DNS / Request Routing to resolve the different local DNS queries.
    With SSL-VPN I can use this to resolve server.custom-domain.local or server.another-custom-domain.local. This works.
    On Remote Access / Advanced I can specify one domain name. E.g. domain.local. Clients can now resolv just 'server' instead of server.domain.local.
    Nathan
  • 0
    Agreed, that's a limitation that we have to live with at present.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML