IP Expiration and Host Name Mismatch: A Common Client Server Connectivity Issue

Abstract

Most whitelists refer to IP addresses, not host names, so when an IP address expires, a client-server may be unable to establish a secure connection with the host server because the new IP address is not on the whitelist. The problem is different for dynamic and static IP addresses because of the inherent change frequency, thus warranting different solutions. For dynamic IP, more flexible whitelists or automated whitelist modifications may be more feasible. For static IPs, manually modifying the script that allows whitelisted servers to pass through the firewall may make more sense, especially if security is a major concern.