It works here, but only once I got DNS properly configured.
You don't say which local DNS server you're using, but since the only on-topic one here would be RouterOS's built-in offering, the configuration needs to look like this:
Points of interest:
You don't say which local DNS server you're using, but since the only on-topic one here would be RouterOS's built-in offering, the configuration needs to look like this:
Code:
/ip dns staticadd address=10.10.64.7 name=switch00.mylocaldomain.comadd cname=switch00.mylocaldomain.com name=sw.mylocaldomain.com type=CNAME/ip dhcp-server networkadd address=10.10.64.0/24 dns-server=10.10.64.7 domain=mylocaldomain.com …Points of interest:
- Use FQDNs, not bare host names
- If you add a CNAME — "sw" in the example above — use an FQDN for it, too, pointed at the canonical FQDN
- Add your domain name to the DHCP server config, without which the above two rules will prevent use of hostname-only lookups.
- Each self-signed cert you mint for TLS/HTTPS needs to list all possible names and IPs in the SAN field, not just the canonical FQDN. Per RFC2818, leave the common-name field blank; browsers don't pay attention to that any more.
Statistics: Posted by tangent — Sun Mar 10, 2024 5:48 am