How to Configure Dynamic DNS in pfSense
Since I don't have a static IP for my home internet connection my public IP address can change at any time. Some ISP's don't offer static IP's on home connections and those that do typically charge steep extra fees for them.
In reality you really don't need a static IP in order to run basic services using your home internet connection. Instead of trying to keep track of the IP address myself I use the Dynamic DNS service in my pfSense router to automatically update a DNS hostname with my current IP.
Whenever I need to remotely access a service running on one of my computers I simply connect using the dyamic DNS host name. It's much easier to remember a DNS name, and if your ISP changes the address it's completely transparent to you.
Uses for Dynamic DNS
I use my Dynamic DNS address to access my home computer using remote desktop and also for accessing my Linux server via SSH. It's also very helpful for remotely managing pfSense firewalls located offsite.
There are a variety of other things you could use your dyamic host name for such as an FTP server, web server, or any other application that you need remote access to.
Once you have configured your host name you will need to set up port forwarding to allow access to the services from your public IP.
Most dynamic host name services offer a client that you can download and run on your computer to keep your IP address up to date. The advantage of letting pfSense handle the task is that you don't need to worry about the computer running the client being turned on all the time.
Creating the Hostname
Before you can begin configuring pfSense you need to register with a dynamic DNS provider and choose a hostname to use.
There are several companies that offer free DNS but I would recommend using DynDNS. I have been using their service for several years and it has proven to be very reliable and easy to use.
To get started visit the DynDNS Free registration page and click on "Get it Now". You must choose a unique name for your sub domain. There are several domains you can choose from for your sub domain. Choose "Host with IP address" for the service type.
Enter your public IP address in the next field, or can click the link below the field to use the address which was detected automatically. Once pfSense has been configured it will take care of updating the address in the future.
Then click on "Add to Cart" to finish setting up your account. Once you have filled out the account creation form click on "Create Account"
The username and password you choose here will need to be entered into pfSense so make a note of them.
The next step after creating your domain is to configure the update client in pfSense. The configuration page is listed under the services menu as Dynamic DNS.
On the configuration page click on the plus symbol on the right hand side to add a new provider. You can add as many different providers as you want, this allows you to have multiple host names.
Since I have a dual WAN router I use a different hostname for each of the WAN interfaces. If one of my WAN connections goes offline I can still reach my home network by connecting to the hostname for the other interface.
Walking through the settings
Below is an explanation of each of the settings on the configuration page.
Disable - Leave this box unchecked
Service type - Choose DynDNS here unless you created an account with one of the other providers.
Interface to monitor - Most users will select WAN here unless you have multiple WAN interfaces.
Hostname - In this field you need to enter the full hostname that you created in the DynDNS account you set up earlier. For my example I'm using samkear.dyndns.org
MX - This can be left blank unless you plan on configuring your subdomain for email routing.
Wildcards - My personal preference is to leave this unchecked. If you enable it then it allows users to type <anything>.domain.dyndns.org. So for my example www.samkear.dyndns.org would still resolve to my public address.
Username - Enter your DynDNS username here, or the username for the service you are going to use.
Password - Enter the password associated with the username above.
Description - Not a required field but allows you to enter some details about the client. If you're running multiple clients it's helpful to keep track of what each one is for.
Once you're done with the configuration click on "Save".
Verifying it works
To make sure everything is working go back to the dynamic DNS page on the services menu. If the cached IP is green then the hostname was successfully updated. I always ping the domain to make sure that it resolves to the correct IP address. I've noticed that sometimes it can take several minutes for the hostname to propagate to other DNS servers on the internet.
The updater will automatically update the dynamic host each time the WAN IP changes or every 25 days. Some services will remove inactive hosts if they are not updated at least once every 30 days.
If your hostname is not updating first make sure that the pfSense router has a functional internet connection. Also check to make sure the interface you've selected actually has a public IP address (Status \ Interfaces)
To further troubleshoot the problem check the system logs for error messages. To view the logs click on "System Logs" in the status menu. Scroll down to the filter box and enter services_dyndns_edit, then click the filter button. This will display all of the log messages for the DNS updater client.
© 2011 Sam Kear
More by this Author
Learn how to easily set up a captive portal using pfSense. Captive portals provide an easy way to authenticate users accessing the internet at Wi-Fi hotspots, hotels, apartments, or business centers.
Heavy bandwidth users can slow down your entire network. This hub will show you how to use pfSense to set up traffic shaping to prioritize internet traffic.
The Snort package allows you to turn a pfSense firewall into a powerful network intrusion detection system. Learn how to set it up here.