Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 5884 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL-VPN DNS Problem

stifke01@googlemail.com
Hallo.

Ein Kunde von uns möchte seine Clients, welche sich per SSL-VPN einwählen, gern per Namensauflösung ansprechen.

Ich beschäftige mich heut schon ne ganze weile mit diesem Problem und komme leider zu keiner Lösung.

Habe beim Fernzugriff->Erweitert ->Clientoptionen als erstes den internen DNS und als zweites die FW selbst eingetragen. 

Unter Netwerkdienste->DNS->zugelassene Netzwerke steht auch die Netzwerkgruppe VPN Pool drin.

Hoffe ihr könnt mir weiterhelfen....


This thread was automatically locked due to age.
Parents
  • 0
    I think the problem is the VPN Pool (SSL). Those addresses are not being distributed by a DHCP-server and are most likely therefore also not registering upon getting an IP-address.

    If you have those clients pointing to the right internal DNS-server also hosting the DNS-name that you specified in Remote access -> Advanced and this server allows dynamic updates, then it may just work. Be cautious though, that in this case you are allowing every remote access user access to your DNS-server which might not be desirable.

    The other option would be to use Static IP-addresses for you clients which you can then add to the UTM.

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

Reply
  • 0
    I think the problem is the VPN Pool (SSL). Those addresses are not being distributed by a DHCP-server and are most likely therefore also not registering upon getting an IP-address.

    If you have those clients pointing to the right internal DNS-server also hosting the DNS-name that you specified in Remote access -> Advanced and this server allows dynamic updates, then it may just work. Be cautious though, that in this case you are allowing every remote access user access to your DNS-server which might not be desirable.

    The other option would be to use Static IP-addresses for you clients which you can then add to the UTM.

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

Children
No Data
Unfiltered HTML