DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Allow inbound device by hostname instead of IP address

  • dougwzz99
  • Topic Author
  • Offline
  • New Member
  • New Member
More
15 Oct 2020 12:33 #97418 by dougwzz99
I want to allow an external device through my firewall. This device does not have a static IP address but it does use a dynamic IP address name service.

Can I create a firewall filter rule to use the host name to lookup the IP address in order to allow this device through the firewall?

Thanks.

Please Log in or Create an account to join the conversation.

More
16 Oct 2020 10:10 #97427 by fchef
Simple answer, no!

Please Log in or Create an account to join the conversation.

  • dougwzz99
  • Topic Author
  • Offline
  • New Member
  • New Member
More
18 Oct 2020 20:12 #97453 by dougwzz99
I thought as much. Having looked at the manual I could not see an (easy) way to do this. The TELNET interface does give command line options to create/update rules and objects, I'll investigate that as a possible solution, although it does not look very straightforward.

Please Log in or Create an account to join the conversation.

More
18 Oct 2020 21:54 #97454 by fchef
Just create an IP object with current IP, and create firewall rule with this. Every now and then just edit the object with new IP.
I have the same issue with a client (RDP) and a set him up a dyndns in his PC. Every week I ping that dyndns hostname to view current IP. Not a good option, but a good and well paying customer!

Please Log in or Create an account to join the conversation.

  • dougwzz99
  • Topic Author
  • Offline
  • New Member
  • New Member
More
19 Oct 2020 09:21 #97458 by dougwzz99
Thanks. I see IP object is editable via the TELNET command line. I may be able to use this to automate a ping and IP object update using a scheduled Windows task. Maybe an Autoit script or even just a DOS batch file. Should be possible in theory at least!

Please Log in or Create an account to join the conversation.

More
31 Oct 2020 22:12 #97591 by destroyer
You'd be better just getting a device that can do that i.e Palo Alto. You'll pay a lot for it though.

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami