Firewall rule using FQDN

  • Question

    I would like to use FQDN instead of explicit IP addresses.

    Reason - VPN clients/servers with dynamic WAN addresses.

    Static address are more secure, but opening up to the world is less secure…

    Is this being considered for 1.3, beyond or at all?


  • Do a search in firewalling.  I found threads by typing dynamic and going throught the various posts.

  • No.  Searched with FQDN and got 2 hits that didn't help.

  • In 1.3 it should be possible to use a hostname in a alias, not in the firewall rule directly.

    Kind regards,


  • You can do this using network aliases in 1.2 already, but it'll never update the ruleset to reflect any DNS changes (unless you make a firewall rule change). For records that change frequently this isn't practical.

Log in to reply