- NG Firewall firmware versions 4.2.x, 5.0.x, 5.2.x
- netfence firmware versions 4.2.x
If a DNS-object or a network-object with more than one IP is used in the "Target List" of a Redirect-Rule the firewall does not redirect the traffic (in case of a DNS-Object) or uses only the first IP which is added in the network-object. Affected is local firewall, forwarding firewall and c-FW with kernel/accelerated and userspace ruleset.
The firewall is not designed to use DNS-objects or network-object with more than one IP as "Target-List". It is an issue that you can select this objects in the rule editor.
It is planned to add support of DNS-objects and network-objects with more than one IP as Target-List for "Redirect" and "Local Redirect" rules but there is actual no milestone defined.