pfSense FirewallWorking remotely is pretty common these days, and even if you take your iPad with you, you always end up needing to access something on your local computer. For this, I have a Windows Server to which I connect to via Microsoft Remote Desktop. This works out great and allows me to access files, or use applications on my Windows box, that are not installed on say my iPad or my MacBook. However in order to get to my home machine, I need to have an external address on the internet. For this I have my own domain name which I have had for a few years now. The other issue I have is that my home internet connection does not have a static external IP address and so the IP address changes from time to time. Even though I have a domain name, I need a way for the domain name records to update every time the IP address changes on my DSL modem. This is what Dynamic DNS was invented for: updating DNS records as needed with new IP addresses. If you have your own domain name, you usually have to pay a provider to host your DNS and they will provide some sort of software or script that will update your DNS. This posting details how I setup pfSense to update my DNS provider ChangeIP.

Add Dynamic DNS to pfSense

First log into your pfSense admin panel and choose Services – Dynamic DNS. Under the DynDNS tab click on the cross icon to add an entry. You will come to a screen like this one:

pfSense Firewall DDNS

  • Change Service type to Custom
  • Check the Enable verbose logging option
  • Add your Update URL
  • Add a description
  • Click Save

Update URL

The URL needs to be specific to your setup at ChangeIP. In my case, I have one domain with the three basic DNS A records: domain-name.net, www.domain-name.net, and ftp.domain-name.net

Here is an example of the URL:

https://nic.ChangeIP.com/nic/update?u=username&p=password&set=1&ip=%IP%

In order to update all my dns records, I have setup domain-name.net, www.domain-name.net, and ftp.domain-name.net to be in set 1 at ChangeIP. The SET= parameter tells ChangeIP to update records in set 1 to the IP specified. The %IP% is a the variable pfSense uses to input the IP address it resolves for the WAN interface. Reference ChangeIP DDNS API Information for parameters and Setting Sets for DDNS Update.

Adding Cronjob for DDNS

With the Cron package installed, it is easy to add and modify Cron jobs. What I recommend doing is scheduling a Cron job to run every ten minutes.

pfSense Firewall Cron DDNS

Checking System Log

Once you force the update, it is important to check to see if it worked. You can check the System Log in pfSense to see if there were any problems that occurred and then at ChangeIP, check your Domain Manager – Premium Domains – Domain-Name – A records, to see if all records in Set 1 updated to the same IP address.