In order to be able to offer our system and the service to our customers in a more future-oriented way and in the best quality, we regularly introduce improvements and extensions. These are accompanied by security audits to ensure compatibility with the currently applicable BSI requirements.
Since June 2021 we have been offering an alternative to the public IP address for the VPN endpoint, namely an FQDN (DNS name). This information can be found at:
Network > Office (Edit) > Gateway Settings
How does FQDN / DNS for SwyxOn works?
The SwyxON backend generates UC tenant-specific FQDNs and provisions corresponding DNS entries in a DNS resolver. When establishing the VPN connection, the FQDN entry is resolved by the gateway and the connection can be established.
Why do I have to change?
Using an FQDN entry gives our customers more flexibility and resilience. Furthermore, this technology is considered future-oriented and has been recommended by us as the service provider since June 2021.
By moving to FQDN, our customers stay connected and protected from the upcoming changes. This is the only way we as the operator can guarantee future-proof and uninterrupted operation.
In the future, the use of the static public IP address in our data centers will be restricted and ultimately discontinued on the SwyxON side.
What should I do?
Check for your SwyxON tenants, that the VPN gateway connects to the SwyxON system with the respective FQDN instead of with a static IP address.
You can find general information on establishing the VPN connection under IPsec-VPN-Parameter for VPN-Clients. When using the FQDN, the only thing to note is that the DNS name must be entered instead of the gateway IP address. With certain devices (e.g. Bintec) the setting "Pear-ID: FQDN" also must be applied when using IKEv1
Please sign in to leave a comment.