Skip to content

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/central/customer/help/en-us/index.html?contextId=DNS-protection-network-setup-Sophos-Firewall

Configure Sophos Firewall to use DNS Protection

If you're using Sophos Firewall as the DNS server, you can configure the firewall to use DNS Protection as the DNS forwarder. To do this, you must add the DNS Protection IP addresses to the firewall.

To configure Sophos Firewall, do as follows:

  1. In Sophos Central, go to DNS Protection > Installers.

  2. Next to IP addresses, click Copy to copy the DNS Protection IP addresses.

    You copy two IP addresses. You can use them as the primary and secondary DNS Protection IP addresses to configure redundancy.

  3. In Sophos Firewall, go to Network > DNS.

  4. Select Static DNS.
  5. In DNS 1, enter the IP address you want to use as the primary DNS Protection Server. This must be one of the addresses you copied from Sophos Central.

  6. In DNS 2, enter the IP address you want to use as the secondary DNS Protection server. This must be one of the addresses you copied from Sophos Central.

    Note

    We recommend you don't add any other DNS server in DNS 3. If the firewall switches to the third DNS server, you'll lose the protection offered by DNS protection.

  7. Click Apply.

Sophos Firewall DNS configuration.