Configure Sophos Firewall to use DNS Protection
If you're using Sophos Firewall as the DNS server, you can configure the firewall to use DNS Protection as the DNS forwarder. To do this, you must add the DNS Protection IP addresses to the firewall.
To configure Sophos Firewall, do as follows:
- In Sophos Central, go to DNS Protection > Installers.
Next to IP addresses, click Copy to copy the DNS Protection IP addresses.
You copy two IP addresses. You can use them as the primary and secondary DNS Protection IP addresses to configure redundancy.
In Sophos Firewall, go to Network > DNS.
- Select Static DNS.
- In DNS 1, enter the IP address you want to use as the primary DNS Protection Server. This must be one of the addresses you copied from Sophos Central.
In DNS 2, enter the IP address you want to use as the secondary DNS Protection server. This must be one of the addresses you copied from Sophos Central.
We recommend you don't add any other DNS server in DNS 3. If the firewall switches to the third DNS server, you'll lose the protection offered by DNS protection.