Hi,
I’m considering moving from a Sonicwall to Peplink, probably the Balance Two, but not wed to that yet. I have a number of peplinks in use for mobile applications, and would like to unify on Peplink to make VPN more straight forward.
The one use case that Peplink doesn’t appear to support is using FQDN instead of IP for whitelisting. This is used in my sonicwall to allow only specific FQDN’s access to certain ports/services, such as specific RDP ports. FQDN is used due to users being on non-static IPs, so we use DynDNS and the resulting FQDN for our access rules.
- Has the firmeware been updated to use FQDN instead of IP for whitelisting?
- If not, is there any possibility of running a cron based shell script that could run every minute or so and convert FQDN to IP, and then most importantly, is it possible to then have the shell script update the access rules to update the IP as needed? I’m not sure how feature rich the CLI is and whether I could pull this off at the CLI level.
Scenario:
FQDN: user1.mydomain.com has access to port 3393 for RDP to a specific machine.
FQDN: user2.mydomain.com has access to port 3392 for RDP to a different machine than user 1 above.
Etc.
So, using CLI, can I update the IP restriction for port 3393, and the IP restriction for port 3392, after I have a script that finds the current IP?
In addition, can I have more than one. Currently, I have 7 or 8 FQDNs that can hit a given port, but those are the only ones, and as they are DynDNS FQDNs, they are not in the same IP block, and are 8 independent FQDNs/IPs.
Thanks