SonicOS supports NAT policies using FQDN Address Objects for the original source/destination.
Use cases include:
Specifying public IP addresses with FQDN to a local server
Specifying a public server with FQDN for consistency across replacement with a server that has a known IP address
Routing traffic from/to an FQDN to have a source IP address other than the outbound interface IP
The following functionality is supported:
The original source/destination can be a pure FQDN or an address group with FQDN(s) and other IPv4 or IPv6 addresses, depending on the IP version of the NAT policy. A new FQDN address object can be directly created from the POLICY | Rules and Policies > NAT Rules page.
FQDN is not supported for the translated source/destination.
IP version options are provided for a NAT policy only if the version is ambiguous based on settings for original/translated source/destination fields. Either IPv4 or IPv6 must be selected.
Mousing over an FQDN object of a NAT policy displays the IP addresses in the same IP version as the NAT policy.
When NAT translation is performed, only the IP addresses in the NAT's IP version are considered.
The Advanced page is disabled if FQDN is used in either or both of the original source/destination fields.
If probing is enabled and/or the NAT method is configured to a non-default value such as Sticky IP, neither of the original source/destination address objects can be modified to contain an FQDN.
FQDN-based NAT policies are supported in High Availability configurations.
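
The rules listed above, modeled as a small offline check. This is an added example, not SonicWall code: the policy dictionary schema, field names, NAT method strings and the resolved addresses are constructed for illustration and are not a SonicOS export format. The model always carries the IP version explicitly and treats any member that is not a literal IP address as an FQDN.

```python
import ipaddress

# Constructed resolver results for a hypothetical FQDN address object.
RESOLVED = {"app.example.com": ["203.0.113.10", "2001:db8::10", "203.0.113.11"]}

def _literal(member):
    """Return an ip_address for a literal IP member, or None for an FQDN."""
    try:
        return ipaddress.ip_address(member)
    except ValueError:
        return None

def has_fqdn(members):
    """True if any member of an address object/group is an FQDN."""
    return any(_literal(m) is None for m in members)

def effective_addresses(members, ip_version, resolved=RESOLVED):
    """Addresses of an object/group that a NAT policy of ip_version considers."""
    out = []
    for m in members:
        lit = _literal(m)
        if lit is not None:
            candidates = [lit]
        else:  # FQDN: use every address it currently resolves to
            candidates = [ipaddress.ip_address(a) for a in resolved.get(m, [])]
        out.extend(str(a) for a in candidates if a.version == ip_version)
    return out

def lint_policy(policy):
    """Check a policy dict (hypothetical schema) against the rules listed above."""
    problems = []
    original = policy.get("original_source", []) + policy.get("original_destination", [])
    translated = policy.get("translated_source", []) + policy.get("translated_destination", [])
    if policy.get("ip_version") not in (4, 6):
        problems.append("ip_version must be 4 or 6")
    if has_fqdn(translated):
        problems.append("FQDN used in translated source/destination")
    non_default = policy.get("nat_method", "default") != "default"
    if has_fqdn(original) and (policy.get("probing") or non_default):
        problems.append("FQDN in original fields with probing or non-default NAT method")
    return problems

# Constructed sample policy: FQDN destination on an IPv4 policy with Sticky IP.
SAMPLE = {"ip_version": 4, "original_destination": ["app.example.com", "2001:db8::20"],
          "translated_destination": ["192.0.2.5"], "nat_method": "sticky-ip", "probing": False}

if __name__ == "__main__":
    print(effective_addresses(SAMPLE["original_destination"], SAMPLE["ip_version"]))
    print(lint_policy(SAMPLE))
```

Running it against the sample shows that the IPv6 group member and the FQDN's IPv6 address drop out of an IPv4 policy, and that the Sticky IP setting conflicts with the FQDN in the original destination.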