I have a pair of EdgeRouter X's updated to 1.9. Using the UI, I have been able to establish a working IPsec tunnel between them if I enter IP addresses in the "Peer" text box.
However, if I switch to using a hostname instead (e.g. home.mydomain.com), the tunnel fails to connect. I made no other changes. Since everything works fine with IP addresses, I don't think this is a firewall issue.
If I open the CLI and ping my full hostname, it works fine and the name resolves to the correct address. Although for some reason if I open the Ping or Trace tool in the Toolbox UI and do the same, I get an "unknown host" error on one box, but not the other. Pinging other hosts in the same domain works fine (e.g. my website). Rebooting the boxes or reloading the UI doesn't change anything. This is with the "system domain name" setting on the "System" page set to a blank value.
If I change the "system domain name" setting to my domain, I can ping the hostname only in the Toolbox Ping tool, but not the FQDN (e.g. pinging "home" works, but pinging "home.mydomain.com" doesn't - error: unknown host). In the CLI I can ping either just the hostname or the FQDN and both respond as expected.
Adding my domain in the "system domain name" setting has no effect on my tunnel. It still fails whether I use just my hostname or a FQDN.
I reviewed the Config Tree settings (vpn | ipsec | site-to-site) and everything seems to look normal. If I enter an IP address, I see an IP address in the Config Tree. If I enter a hostname, I see a hostname. It's just that the tunnel won't work with the hostname.
The IP addresses for both domain names are of course dynamically assigned (which is why I need to use a hostname and not an IP address). Both names get associated with an IP using the "Dynamic DNS" page. I've confirmed with my provider (Dyn.com) that this is working correctly.
Am I missing something? Not sure what is going on.