Project

General

Profile

Actions

Feature #8385

open

Utilize IP addresses from successfully authenticated OpenVPN endpoints to Update Firewall Rules

Added by Kristopher Kolpin almost 7 years ago. Updated over 6 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Rules / NAT
Target version:
-
Start date:
03/22/2018
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:

Description

OpenVPN is extremely useful for providing authentication and encryption for remote branch locations and individual road warriors. However, sometimes it is more efficient to offer connectivity directly through the firewall to the intended server instead of a tunnel. This could be due to MTU, MSS, latency issues or other restrictions and limitations.

With static IPs for remote Branches and users this is feasible. However, for end branches and users on dynamic IPs it becomes more complicated as dynamic DNS updater applications have to be installed on each remote endpoint

I propose allowing a Firewall Alias to be created to which IPs from successfully connected remote OpenVPN sessions can be added automatically.

Actions

Also available in: Atom PDF