Only IPs work for Firewall Alias "Host(s)", not able to use a FQDN

dgk · July 04, 2023, 07:09:19 PM

I am allowing along certain hosts to a firewall rule.

If I try to use a FQDN in the "content" field of a FW alias Host(s) then use that alias the firewall does not allow that host as a source.

But if I replace in that "content" field of the alias with the actual IP of the that host then the firewall works correctly allowing access to that alias.

If I use the opnsense DNS lookup under interfaces/diagnostics that FQDN is properly looked up.

So what am I missing here. Why can't I use FQDN with an alias pointer.

CJ · July 04, 2023, 07:37:17 PM

Quote from: dgk on July 04, 2023, 07:09:19 PM
I am allowing along certain hosts to a firewall rule.

If I try to use a FQDN in the "content" field of a FW alias Host(s) then use that alias the firewall does not allow that host as a source.

But if I replace in that "content" field of the alias with the actual IP of the that host then the firewall works correctly allowing access to that alias.

If I use the opnsense DNS lookup under interfaces/diagnostics that FQDN is properly looked up.

So what am I missing here. Why can't I use FQDN with an alias pointer.

What FQDN are you using? Host.Domain works for me in the Hosts aliases.

zan · July 05, 2023, 07:20:49 AM

QuoteIf I use the opnsense DNS lookup under interfaces/diagnostics that FQDN is properly looked up.

Try to inspect the alias via Firewall>Diagnostics>Aliases and see if it gets resolved properly.

Only IPs work for Firewall Alias "Host(s)", not able to use a FQDN

dgk

July 04, 2023, 07:09:19 PM

CJ

July 04, 2023, 07:37:17 PM #1

zan

July 05, 2023, 07:20:49 AM #2