Steve setup 192.168.0.12 as ftp.Draytek.com send a ping and resolves to the address, no reply as I don't have and ftp server running.
ping ftp.Draytek.com reply given ftp.Draytek.com [192.168.0.12]

Is the ftp server running, I don't know if and ftp server will reply to a ping

On https yes its on my local network but as I use wifi to connect and manage the AP, I would like to have it https.

I have stunnel running to secure connect to security camera, thought I could route via stunnel

I wasn't expecting a reply I just wanted to see how it resolved, but the fact it appears to resolve as 192.168.0.12 means it's working as expected for you. Although, I'm guessing this could still be a model/firmware issue because you are using a 2962? I'd really need somebody with a 2927 on v4.3.2 to confirm whether it works or not.

As you are hijacking my thread for your https requirement, let me give you my thoughts...

If you are using WiFi (presumably under your control), then unless you have no security on that, then it will be encrypted at the transport level, and so I'd still question the real need for https. AFAIK you would need the camera to support the installation of a SSL Certificate in order for it to work properly over https. Also, to create a certificate (unless you are going to use a self certified certificate) you would need it to be for a public domain, as I'm pretty sure you can't get certificates from public certification autorities, e.g. LetsEncrypt, for IP addresses or private domains. You could possibly create a certificate for a domain you own, and then use that domain in the LAN DNS entry for your local device, then the domain for the camera would match the certificate, even though it is only internal, but as I say, I think you would have install the cert on the camera (I don't recall seeing that on any of my IP cameras).

Then again, I could be totally barking up the wrong tree.

Steve, I have a 2927ax running 4.3.2

This feature is not something I have a use for but as per your request I set LAN DNS ftp.draytek.com to 192.168.1.4

Pinging ftp.draytek.com from 192.168.1.10 gives me "Destination Host Unreachable"

Doesn't make any difference if I set "same subnet reply" or not.

Does that help?

(I should add that I find 4.3.2 on the 2927ax is somewhat more stable than 4.3.2 on the 2927ac - the router only reboots itself every 1-2 days, the 2927ac rebooted every couple of minutes )

Piste Basher wrote:
Steve, I have a 2927ax running 4.3.2

This feature is not something I have a use for but as per your request I set LAN DNS ftp.draytek.com to 192.168.1.4

Pinging ftp.draytek.com from 192.168.1.10 gives me "Destination Host Unreachable"

Doesn't make any difference if I set "same subnet reply" or not.

Does that help?

(I should add that I find 4.3.2 on the 2927ax is somewhat more stable than 4.3.2 on the 2927ac - the router only reboots itself every 1-2 days, the 2927ac rebooted every couple of minutes )

Thanks - it does appear that it's working as expected for you, but not for me. How odd. I'm just using a vanilla 2927, but it seems unlikely that's the issue?

I've put in a ticket to Draytek Support, as there must be something weird going on.

Steve I was not in anyway hijacking your thread. Rather putting into context how I use LAN DNS

johnpa7 wrote:
Steve I was not in anyway hijacking your thread. Rather putting into context how I use LAN DNS

I was only joking. Don't worry.