Many firewall deployments do not have fixed public IP addresses, and instead, receive a dynamically allocated IP from the ISP connected to the WAN interface. This dynamic IP can change over time, causing issues if you need access to the firewall from the outside.
Dynamic DNS is a service you can use to make the site accessible from the outside in. Routers, firewalls or network device can register a public DNS name on a Dynamic DNS service. When they receive a new public IP address from the ISP, they then contact the Dynamic DNS service and update the public DNS name with the new IP. You can then simply use the public DNS name to access the firewall from the outside, and it will always point to the correct IP address.
Well known providers of such services include:
Some of these providers offer a free Dynamic DNS service, but none of them are free for commercial use, or for use at scale.
The Sophos XG Firewall supports these four Dynamic DNS providers, but it also includes a fifth provider simply called Sophos, and the great news is it's free! Well, free in the sense that it is covered by your Sophos subscription license, without requiring additional subscriptions/fees.
To get started with Sophos XG's free Dyanmic DNS service:
You will be redirected to the Dynamic DNS screen, and see the status of the registration.
You can to verify the public DNS record using a tool such as digwebinterface.com.
In the screenshot below, you can also see that this service is backed by 4 AWS DNS instances.
This is a great feature for Sophos to include “in the box.” As someone who has extensively used services like this for large deployments, it's great to finally have it included as a free Dynamic DNS service that is native and robust.
PS - Did you know that Fastvue Sophos reporter now supports XG firewall?
Download our FREE 30-day trial, or schedule a demo and we'll show you how it works.
How to Enable Dark Mode in Fortinet FortiGate (FortiOS 7.0)
Sophos XG - How to Block Searches and URLs with Specific Keywords