VPN to user domain names rather than IP

RouterOS General
1

Hi,

I have been reading quite a bit about setting up a site-to-site VPN with dynamic IP’s. However, what I cannot understand, why does Mikrotik not just allow domain names instead of IP’s from the get-go. This seems the easiest solution. Now instead you need to run scripts to check IP’s and update it as it goes. If you could just add a domain name from scratch it make setup a lot faster. Now that people often use better equipment at home because of cheaper internet prices I would have thought this would have been done a long time ago already.

Should I put in development request? :slight_smile:

Thanks,

Warren.

2

The programs used internally in the router (to which the interface you see is only supplying configuration information) do not support that.
People in the secure VPN world often don’t like DNS, because it cannot (or could not) be trusted, and it could be possible to break into the
system by spoofing DNS information to it.

But who knows what will be in RouterOS v7 where as it appears a lot of this software will be rewritten inside MikroTik or maybe partly
replaced by newer generations of externally obtained software… e.g. with DNSSEC requirement.