Configuring Advanced Settings

Additional IP routes enable the Sophos Web Appliance to process requests from client machines with IP addresses that reside outside of the appliance's subnet by re-routing the requests from those IP ranges.

Note
The appliance uses 172.24.24.173 to run the Setup Wizard. If your local network also uses addresses in the range of 172.24.24.0-255, adding an additional route that includes this address will cause routing conflicts. Adding routes incorrectly can make the administrative web interface inaccessible. See Adding Routes for more information.
  • To add a route:
    1. Enter a descriptive Route Name.
    2. Enter the requested Destination IP Range in CIDR format.
      Important
      This range must not include the static IP address of the appliance. It must also be outside of the appliance's subnet. Always enter URLs to numbered directories using fully qualified domain names rather than IP addresses. The Web Appliance interprets any dotted quad followed by a slash and a number less than 33 as a CIDR range. Thus, a URL entered as an IP address followed by a numbered directory from 0 to 32 is improperly treated as a CIDR range.
    3. Enter the Gateway IP Address to which you want to route the IP addresses. This address should be on the same subnet as the appliance
    4. Click Add.
      To modify a route, you must delete it and add it again with the modified route information.
      Note
      If a route makes the administrative web interface inaccessible, you must delete the incorrect routes. Connect a laptop to the configuration port of the appliance and access the appliance by connecting to 172.24.24.173.
  • To delete a route:
    1. Select the check box beside the route that you want to delete.
    2. Click Delete.

The Hostname to IP Address map feature allows you to map a hostname to an IP address. This feature is used to resolve hostnames or sites (for example, Active Directory servers) that the configured DNS server is not aware of. This is the same as implementing a hosts file on a server or workstation.

  • To map a hostname to an IP address:

    1. Enter an IP address in the IP Address text box.
    2. Enter a hostname in the Hostname text box.
    3. Click Add.
    Note
    For Active Directory to work properly when the DNS server is not aware of the Active Directory server, you may need to include three entries for your Active Directory server.
    
                <IP address> domain.tld
                <IP address> host.domain.tld
                <IP address> host.domain.tld.
  • To remove mapping:

    1. Select the check box beside the mapping that you want to delete.
    2. Click Delete.

The TCP listening ports feature allows you to configure additional ports on which the appliance will listen for web connections.

  • To add a TCP listening port:

    1. Enter comma-separated port numbers in the TCP listening ports text box.

      The port numbers must be between 1024 and 65535. Reserved ports that cannot be used include: 8080, 8443, 8445, 8777, 10000, 13128, and 18081. Port 8080 is always used by default. You can enter spaces after commas.

    2. Click Add.
  • To modify the list of TCP listening ports:

    1. Edit the list of comma separated port numbers that the appliance will use to listen for web connections.

      The port numbers must be between 1024 and 65535. Spaces after the commas are allowed.

    2. Click Add. If no ports are listed, the default of 8080 port 8080 will be used.

Click Close to exit the Advanced Settings dialog box.