Skip to main content

How to Configure Dynamic DNS in pfSense

  • Author:
  • Updated date:

Sam works as a network analyst for an algorithmic trading firm. He obtained his bachelor's degree in information technology from UMKC.

Since I don't have a static IP for my home internet connection, my public IP address can change at any time. Some ISPs don't offer static IPs on home connections, and those that do typically charge steep extra fees for them.

In reality, you really don't need a static IP in order to run basic services using your home internet connection. Instead of trying to keep track of the IP address myself, I use the Dynamic DNS service in my pfSense router to automatically update a DNS hostname with my current IP.

Whenever I need to remotely access a service running on one of my computers, I simply connect using the dynamic DNS hostname. It's much easier to remember a DNS name, and if your ISP changes the address, it's completely transparent to you.

Uses for Dynamic DNS

I use my Dynamic DNS address to access my home computer using remote desktop and also for accessing my Linux server via SSH. It's also very helpful for remotely managing pfSense firewalls located offsite.

There are a variety of other things you could use your dynamic hostname for, such as an FTP server, web server, or any other application that you need remote access to.

Once you have configured your hostname, you will need to set up port forwarding to allow access to the services from your public IP.

Most dynamic hostname services offer a client that you can download and run on your computer to keep your IP address up to date. The advantage of letting pfSense handle the task is that you don't need to worry about the computer running the client being turned on all the time.

Creating the Hostname

Before you can begin configuring pfSense, you need to register with a dynamic DNS provider and choose a hostname to use.

There are several companies that offer free DNS, but I would recommend using DynDNS. I have been using their service for several years, and it has proven to be very reliable and easy to use.

To get started, visit the DynDNS Free registration page and click on "Get it Now." You must choose a unique name for your subdomain. There are several domains you can choose from for your subdomain. Choose "Host with IP address" for the service type.

Enter your public IP address in the next field, or can click the link below the field to use the address which was detected automatically. Once pfSense has been configured, it will take care of updating the address in the future.

Then click on "Add to Cart" to finish setting up your account. Once you have filled out the account creation form, click on "Create Account."

The username and password you choose here will need to be entered into pfSense, so make a note of them.

DynDNS registration page

DynDNS registration page

Configuring pfSense

The next step after creating your domain is to configure the update client in pfSense. The configuration page is listed under the services menu as Dynamic DNS.

On the configuration page, click on the plus symbol on the right-hand side to add a new provider. You can add as many different providers as you want; this allows you to have multiple hostnames.

Since I have a dual WAN router, I use a different hostname for each of the WAN interfaces. If one of my WAN connections goes offline, I can still reach my home network by connecting to the hostname for the other interface.


Walking Through the Settings

Below is an explanation of each of the settings on the configuration page.

  • Disable - Leave this box unchecked
  • Service type - Choose DynDNS here unless you created an account with one of the other providers.
  • Interface to monitor - Most users will select WAN here unless you have multiple WAN interfaces.
  • Hostname - In this field, you need to enter the full hostname that you created in the DynDNS account you set up earlier. For my example, I'm using
  • MX - This can be left blank unless you plan on configuring your subdomain for email routing.
  • Wildcards - My personal preference is to leave this unchecked. If you enable it then it allows users to type <anything> So for my example, would still resolve to my public address.
  • Username - Enter your DynDNS username here, or the username for the service you are going to use.
  • Password - Enter the password associated with the username above.
  • Description - Not a required field but allows you to enter some details about the client. If you're running multiple clients it's helpful to keep track of what each one is for.

Once you're done with the configuration click on "Save."


Verifying It Works

To make sure everything is working, go back to the dynamic DNS page on the services menu. If the cached IP is green, then the hostname was successfully updated. I always ping the domain to make sure that it resolves to the correct IP address. I've noticed that sometimes it can take several minutes for the hostname to propagate to other DNS servers on the internet.

The updater will automatically update the dynamic host each time the WAN IP changes or every 25 days. Some services will remove inactive hosts if they are not updated at least once every 30 days.

When the cached IP appears in green then the hostname as been successfully updated.

When the cached IP appears in green then the hostname as been successfully updated.


If your hostname is not updating, first make sure that the pfSense router has a functional internet connection. Also, check to make sure the interface you've selected actually has a public IP address (Status \ Interfaces).

To further troubleshoot the problem check the system logs for error messages. To view the logs, click on "System Logs" in the status menu. Scroll down to the filter box and enter services_dyndns_edit, then click the filter button. This will display all of the log messages for the DNS updater client.

The system logs can be used to identify any problems.

The system logs can be used to identify any problems.

This article is accurate and true to the best of the author’s knowledge. Content is for informational or entertainment purposes only and does not substitute for personal counsel or professional advice in business, financial, legal, or technical matters.

© 2011 Sam Kear


Sam Kear (author) from Kansas City on August 07, 2018:


You can limit bandwidth per user by using a captive portal. Take a look at my article regarding captive portals and also review the video below. You'll want to use the "Per-user bandwidth restriction" setting.

Vishal Naipal on August 07, 2018:

Dear sir, i have a question. how can you use pfsense to give a specific person more bandwith conection than another one? and is there an option to keep a track on who is doing what ore how much bandwith conection a person is using weekly ore something.

Sam Kear (author) from Kansas City on April 02, 2018:


As far as I'm aware GoDaddy doesn't directly support dynamic DNS updates. There are a couple of possibilities though. One option might be to create a cname record at GoDaddy that points to a dynamic DNS domain. You could then use the built in client to update the dynamic domain.

There is also some python code out on github that uses the GoDaddy API to update a DNS record. I have not tested this before though.

It looks like there are people who have python working within pfSense.

Hope this helps.

James on April 02, 2018:


Would you have any insight into how to set this up using GoDaddy instead of DynDNS?

Vijay Thakur on April 16, 2012:

Thanks for submitting such wonderful tutorial. Kindly give more detail that how can we access our LAN Windows 7 machine behind a pfSense Firewall on remote location.