Adding firewall rule for a DNS record?



  • Hello, I wonder if there is any way to add firewall rule for a DNS record.

    There is device in LAN which has cloud functionalities. However, we want to limit them (actually block them). It is easy to add a firewall rule for that device to block all outgoing WAN traffic. However, we still need device to receive upgrades.

    The devices basically uses a domain (let's say update.device.com) to check updates. I can grant permission specific to the resolved IP of this DNS but it may be changed for some time later. Therefore, in needs continuous monitoring.

    Is there any way to do this automatically or any other workaround? Thanks


  • LAYER 8 Global Moderator

    create an alias that uses that FQDN, use that alias in your firewall rule vs the IP.. this by defaults updates every 5 minutes.



  • That helped me a lot. Many thanks


Log in to reply