Configuring DNS and DHCP on

Sophos Firewall

Sophos Firewall
Version: 19.0v2

[Additional Information]
Sophos Firewall
FW1545: Configuring DNS and DHCP on Sophos Firewall

June 2022
Version: 19.0v2

© 2022 Sophos Limited. All rights reserved. No part of this document may be used or reproduced
in any form or by any means without the prior written consent of Sophos.

Sophos and the Sophos logo are registered trademarks of Sophos Limited. Other names, logos and
marks mentioned in this document may be the trademarks or registered trademarks of Sophos
Limited or their respective owners.

While reasonable care has been taken in the preparation of this document, Sophos makes no
warranties, conditions or representations (whether express or implied) as to its completeness or
accuracy. This document is subject to change at any time without notice.

Sophos Limited is a company registered in England number 2096520, whose registered office is at
The Pentagon, Abingdon Science Park, Abingdon, Oxfordshire, OX14 3YP.

Configuring DNS and DHCP on Sophos Firewall 19.0v1 - 1

 Configuring DNS and DHCP on Sophos Firewall
In this chapter you will learn how RECOMMENDED KNOWLEDGE AND EXPERIENCE
to configure the DNS and DHCP ✓ Navigating and Managing the Sophos Firewall using
settings on Sophos Firewall. the WebAdmin

DURATION

5 minutes

In this chapter you will learn how to configure the DNS and DHCP settings on Sophos Firewall.

Configuring DNS and DHCP on Sophos Firewall 19.0v1 - 2

 DNS on Sophos Firewall

There are three ways to assign DNS servers to Sophos Firewall:

1. From your DHCP server

2. From PPPoE interface settings sent by your Internet

provider

3. Manually, by assigning static server entries

Sophos Firewall needs to be able to resolve hostnames and IP addresses.

There are three ways to assign DNS servers to Sophos Firewall:

• From your DHCP server

• From PPPoE interface settings sent by your Internet provider
• Manually, by assigning static server entries

Configuring DNS and DHCP on Sophos Firewall 19.0v1 - 3

 DNS Settings DNS is configured in:
CONFIGURE > Network > DNS

Select how Sophos

Firewall obtains DNS
servers

Set up to three
DNS servers for
IPv4 and IPv6

During the initial setup you will have to set a DNS server, this can be modified in CONFIGURE >
Network > DNS.

Here you can set how Sophos Firewall obtains its DNS server, and you can set up to three DNS
servers statically for IPv4 and IPv6.

Configuring DNS and DHCP on Sophos Firewall 19.0v1 - 4

 DNS Server

Preference between IPv4 and IPv6 DNS

servers

DNS records hosted by the Sophos

Firewall

Sophos Firewall also acts as a DNS server, using its configured DNS servers to resolve and respond
to requests. You can set how Sophos Firewall handles the preference between IPv4 and IPv6
lookups.

You can also configure DNS records on the Sophos Firewall itself. These can include a reverse
lookup from the IP address back to the hostname.

Configuring DNS and DHCP on Sophos Firewall 19.0v1 - 5

 DNS Request Routes

Set the DNS server to use to lookup hosts in the sophos.local domain

Set the DNS server to use to lookup IP addresses in the network 172.16.16.0/24

If the Sophos Firewall is configured to use your ISPs DNS servers, so that it can resolve hosts on the
Internet, you can override this for specific domains and networks by configuring DNS request
routes.

A DNS request route defines what DNS server should be used to lookup hosts in the selected
domain. Request routes can also be created for reverse lookups to define what DNS server should
be used to lookup IP addresses in the selected network.

Configuring DNS and DHCP on Sophos Firewall 19.0v1 - 6

 Simulation: Configure DNS Request Routes

In this simulation you will configure

DNS request routes on Sophos
Firewall.

LAUNCH SIMULATION CONTINUE

https://training.sophos.com/fw/simulation/ConfigureDNS/1/start.html

In this simulation you will configure DNS request routes on Sophos Firewall.

Application Traffic Shaping on Sophos Firewall - 7

 Dynamic DNS Dynamic DNS is configured in:
CONFIGURE > Network > Dynamic DNS

If your ISP assigns your IP through DHCP, you can use a dynamic DNS provider to host a DNS record
for this IP address, and have the Sophos Firewall update the IP address associated with it.

To configure dynamic DNS, you enter the hostname, and select the WAN interface it should resolve
to. You then need to select your provider, and enter your login details.

Configuring DNS and DHCP on Sophos Firewall 19.0v1 - 8

 DHCP Server DHCP is configured in:
CONFIGURE > Network > DHCP

Each DHCP server is assigned to an interface

The range of IP address it will lease

Sophos Firewall can provide DHCP to any networks that are connected to it. Each DHCP server you
configure on the Sophos Firewall can be either IPv4 or IPv6 and is bound to an interface.

Configuring DNS and DHCP on Sophos Firewall 19.0v1 - 9

 DHCP Relay

The interface where the clients are located

The IP address of the DHCP server to relay

requests for

Sophos Firewall can also act as a DHCP relay, passing DHCP requests between clients and a DHCP
server on another network.

Configuring DNS and DHCP on Sophos Firewall 19.0v1 - 10

 Chapter Review

DNS servers can be assigned to Sophos Firewall using DHCP, from PPPoE interface
settings and manually

DNS request routes define what DNS server should be used to lookup hosts in the
selected domain

Sophos Firewall can provide DHCP to any networks that are connected to it. It can also
pass requests to another DHCP server.

Here are the three main things you learned in this chapter.

DNS servers can be assigned to Sophos Firewall using DHCP, from PPPoE interface settings and
manually.

A DNS request routes define what DNS server should be used to lookup hosts in the selected
domain.

Sophos Firewall can provide DHCP to any networks that are connected to it. It can also pass
requests to another DHCP server.

Configuring DNS and DHCP on Sophos Firewall 19.0v1 - 15

Configuring DNS and DHCP on Sophos Firewall 19.0v1 - 16