Help with setup on Sophos XG Firewall
Hello,
I was wondering if anyone has setup NextDNS to work with the Sophos XG firewall. I could not find any topics on the NextDNS forums and everything I found on the Sophos side says not to change DNS settings. I would really like to use the nextdns ad filters but don't want to mess sophos up.
thanks
2 replies
-
You have a few options:
- IPv6 NextDNS addresses, set IPv6 DNS as preferred for all queries in Sophos (if supported by your ISP)
- IPv4 NextDNS addresses in Sophos, with IP binding set in NextDNS. Binding can be achieved by having static external IP, or via Dynamic DNS (I still use Sophos's myfirewall.co but it will be decommissioned soon)
- your own DNS forwarder in internal network, with DoH or DoT
Sophos may also be configured to redirect all IPv4/IPv6 DNS queries to NextDNS or your forwarder even if the user wants other DNS.
Sophos Firewall itself will not support DNS over TLS or HTTPS in the foreseeable future, according to company representatives in Sophos Community forum. I am not sure about decrypting these on DPI or proxy, though.
-
Did you ever figure this out?
Content aside
- 7 mths agoLast active
- 2Replies
- 396Views
-
3
Following