Restrict access by ddns on firewall

I have a webserver with an external ip behind a firewall but I don't want everybody to have access on it.  I am thinking of setting up ddns on the site that I would allow access to then I will restrict access based on these ddns on the firewall.  Seems perfect but when I put these policies in, the firewall does not detect those ddns address but I can ping it.  The policy is (untrust)       x.x.x.x (external true ip - trust)        http (service)

If I change the untrust to any, it works fine.  If I put this ddns address in, the policy greys out and it searches very slow.

My firewall is a netscreen ssg5
Who is Participating?
johnyu1997Connect With a Mentor Author Commented:
The problem is the dns setting on the firewall was pointed to the trusted interface instead of untrusted interface.  Working good now.
Ping uses ICMP not HTTP so you would need to block ICMP requests as well I believe.
johnyu1997Author Commented:
You are not getting my point.  I am trying to allow access from certain ddns addresses.
johnyu1997Author Commented:
Because the answer is the exact solution.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.