Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Use FQDN-Host Object for Device Access ACL

Is there an workaround to use FQDN-Host Objects as a source for ACL exception rule on Device access?

I used "DNS Host" Objects back in Sophos SG/UTM to limit WebAdmin Access by keeping flexibility of centrally changing DNS-Entrys.

How to do this in XG/SFOS? I can select FQDN-Host Object as Source within (D-)NAT-Rules, but not in DeviceAccess ACL?



This thread was automatically locked due to age.
Parents
  • That is currently not possible. I would always recommend to use Central to have Webadmin access. For SSH, use a VPN Client. 

    __________________________________________________________________________________________________________________

  • Is there anything on the roadmap to change this in (near) future releases?
    Would be great to use definitions, as FQDN-Hosts consistent in nearly every Spot you can select other network object.

    There's probably no security reason for not allowing fqdn-host objects as you can select a whole country as a source for an exception.

Reply
  • Is there anything on the roadmap to change this in (near) future releases?
    Would be great to use definitions, as FQDN-Hosts consistent in nearly every Spot you can select other network object.

    There's probably no security reason for not allowing fqdn-host objects as you can select a whole country as a source for an exception.

Children
No Data