Is there a way to allow access to specific FQDNs or endpoints instead of opening routes to the whole CIDR? Also, can we allow only specific ports to be accessed via the VPN?
I think I saw this question already asked in the past and the answer was that no, FQDN is not possible, only CIDR. But bear in mind, you can give a CIDR with a /32 mask, thus limiting it to a single IP address.
Not 100% sure, but my bet is, you can’t specify a port, nor provide an ‘endpoint’ – those won’t work. I wouldn’t expect such a feature from a network router. And that’s what I consider this functionality to be – a network router.
There isn’t any option for domain routes and it is difficult to automate with the API because it requires stopping the server to modify.
Got it, thanks for the update y'all.
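
The /32 workaround mentioned in the thread, sketched as an added example (not code from any poster or from the VPN product): it turns a list of FQDNs into single-host CIDR routes and reports drift against the routes already configured, since DNS answers can change after a route is entered. The function names, hostnames and addresses are hypothetical, and it does not call any VPN server API.

```python
import ipaddress
import socket


def resolve(fqdn):
    """Return the set of IP address strings the system resolver gives for fqdn."""
    infos = socket.getaddrinfo(fqdn, None, proto=socket.IPPROTO_TCP)
    return {info[4][0] for info in infos}


def host_routes(fqdns, resolver=resolve):
    """Map single-host CIDRs (/32 for IPv4, /128 for IPv6) to the names behind them."""
    routes = {}
    for name in fqdns:
        for addr in resolver(name):
            cidr = str(ipaddress.ip_network(addr))  # bare address -> host route
            routes.setdefault(cidr, set()).add(name)
    return routes


def route_drift(configured, fqdns, resolver=resolve):
    """Return (missing, stale): routes to add and configured routes no name maps to."""
    wanted = set(host_routes(fqdns, resolver))
    have = {str(ipaddress.ip_network(c, strict=False)) for c in configured}
    return sorted(wanted - have), sorted(have - wanted)


if __name__ == "__main__":
    # Constructed sample data (documentation address ranges), so this runs offline.
    sample_dns = {
        "app.example.internal": {"192.0.2.10", "192.0.2.11"},
        "db.example.internal": {"198.51.100.7"},
    }
    configured = ["192.0.2.10/32", "203.0.113.0/24"]
    missing, stale = route_drift(configured, sample_dns, sample_dns.__getitem__)
    print("add:", missing)
    print("review/remove:", stale)
```

A stale entry wider than a single host, like the /24 in the sample, is the kind of route the original question was trying to avoid.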