It can be necessary to connect to your firewall from the internet, when you want to make a VPN-connection for example, but if you have a dynamic IP-address what most home users have then you can profit from using Dynamic DNS.
A dynamic DNS solution provides your firewall with a DNS-name that is always the same regardless of the IP-address you get from your ISP.
Sophos supports several dynamic DNS providers that you can configure, but they also offer their own service. This article describes how to setup the Sophos dynamic DNS service
Create a Dynamic DNS entry
Go to Configure -> Network -> Dynamic DNS and click on the ‘Add’ button
First of all choose Sophos as service provider in the bottom part of the screen. Next choose a Hostname (in case of Sophos dyndns this should always end in myfirewall.co).
The interface should be the WAN-interface which usually is Port2.
Depending on how your firewall is connected to the internet, you may need to select ‘NATed public IP’.
If you don’t know which one to choose, then first visit the whatsmyip.com website. This website will show you your public IP-address. If that is different from the one behind your interface, it means you are using NAT. You should select ‘NATed public IP’, if both are the same you keep the setting ‘Use port IP’.
When you have entered all information, press ‘Save’, and if all went well you will see a success message.
From that moment on, your firewall is reachable from the internet using the configured dynamic DNS name.
Beware that when you had to choose ‘NATed public IP’, than most likely you will also need to login to your router and configure the firewall (the firewalls WAN IP-address) as a DMZ-host. Your router will then forward all traffic coming from the internet to your firewall, otherwise your router will just drop the packets because it doesn’t know what to do with them.
If you like this post about Sophos XG, you may also like my other posts about Sophos.