Home/Support/Support Forum/Can a firewall rule specify domain name instead of IP address
Welcome to Digi Forum, where you can ask questions and receive answers from other members of the community.

Can a firewall rule specify domain name instead of IP address

0 votes
We need to configure an outgoing firewall rule for s3.amazonaws.com which can have many IP addresses. Is it possible to setup a firewall rule using a domain name? I tried this and it did not work: pass out break end from any to s3.amazonaws.com inspect-state
asked Sep 21, 2018 in Digi TransPort Cellular by AndrewW New to the Community (0 points)

Please log in or register to answer this question.

1 Answer

0 votes
Hi

The problem with using domain names is when the firewall rules are processed it caches the address that result for a single address. If the domain is serviced by a number of IPaddress in round robin it will be very temperamental.
answered Sep 24, 2018 by James.Wilson Veteran of the Digi Community (1,173 points)
...