before some weeks ago one could address the ProtonVPN servers by their domains names such as us-01.protonvpn.net. These domain names have gone and one needs to address the servers by their IP address.
why has this been done?
is there an official blog post or information on this move? if not, why not?
On of the ISP and cloud firewall work well to block VPN service is by resolving domain names.
Yeah, for pfsense, in particular, it’d be great to have regional domains as other vpn companies (e.g., us-west.proton… or us-east.proton…)
The DNS name is not a reliable way to connect to the server - it is better to use the IP directly. This can happen anytime that the DNS is changed or outdated. Generally, it’s safer to use the IP of the server directly rather than utilize DNS when using hostnames.
Are you serious? Following your argument we would use IP addresses instead of domain names for everything. Back to the stone ages of the Internet!
Using domain names is as reliable as the maintainer of the records and the infrastructure. Changes to the ProtonVPN name records are made by ProtonVPN. Are you implying that ProtonVPN is unable to reliably maintain their DNS records?
I think you miss the benefits of DNS. It is MUCH more flexible to use the domain name, as it remains stable even when the IP address has been changed, of course the owner needs to make the effort to maintain the DNS records properly. Is that the reason there are no DNS records any more that ProtonVPN is unwilling to make this effort?
The way it is now, users who run different endpoint tools than the ProtonVPN apps needs to update their config files every time when ProtonVPN changes any IP addresses of the servers in use. To me this is seems unreasonable - even customer-unfriendly, unless there is a compelling reason why ProtonVPN would make such a move.
Honestly, is there any important reason why ProtonVPN shifts this effort from their end to numerous customers who now need to maintain changes by ProtonVPN on their client end?
Using domain names is as reliable as the maintainer of the records and the infrastructure.
I stopped reading after this. ProtonVPN is made to avoid “records” of your activity. And that is not the primary reason why DNS was removed. In some countries, VPN connections are blocked because the connections to the VPN server is made through domain name, which can either be easily blocked or poisoned by ISP, ordered by government or directly.
Bro you deserve an award for this i too was adding the DNS names to my Mikrotik Routers as i use Wireguard from the Mikrotik to dial out the VPN for my Home WiFi and was adding the DNS names in the allowed address list everytime a connect to a new server. Using a DNS name ensures that the server is always reachable should the IP change or to mask the IP address itself if its set to not respond to ICMP packets. Not the other way around
Nobody stops anyone using the IP addresses, and the ProtonVPN apps do it like that anyway. So why “cripple” others whose threat model allows using DNS to resolve the VPN server IP? Not everybody lives under a totalitarian regime, the most people don’t i’d daresay, and still they have use cases for VPNs. I still haven’t seen a compelling reason to do this.