Firewall rule using FQDN

Seth · Sep 5, 2008, 1:37 PM

Question

I would like to use FQDN instead of explicit IP addresses.

Reason - VPN clients/servers with dynamic WAN addresses.

Static address are more secure, but opening up to the world is less secure…

Is this being considered for 1.3, beyond or at all?

Thanks
Seth

kapara · Sep 5, 2008, 7:22 PM

Do a search in firewalling. I found threads by typing dynamic and going throught the various posts.

Seth · Sep 5, 2008, 7:28 PM

No. Searched with FQDN and got 2 hits that didn't help.

databeestje · Sep 6, 2008, 9:12 PM

In 1.3 it should be possible to use a hostname in a alias, not in the firewall rule directly.

Kind regards,

Seth

cmb · Sep 7, 2008, 1:11 AM

You can do this using network aliases in 1.2 already, but it'll never update the ruleset to reflect any DNS changes (unless you make a firewall rule change). For records that change frequently this isn't practical.