My namecheap dyndns entry (one of ~6 on my firewall) works properly for me, and I've been rebooting/reconnecting a lot lately, and my IP has been changing now and then.

I wrote the namecheap dyndns support on 2.0 so if there is a problem I can look at it, but it seems to be fine for me.

There are a few things that puzzle me about your description.

@Deviant:

I'm currently using the bridge feature bridging LAN and WAN with a DHCP server on LAN with the /23,

Apparent your pfSense LAN interface has an IP address of 175.x.x.1 and the WAN interface has an IP address of 32.x.x.24. How did you configure that? (In my experience when interfaces are bridged at most one can have an IP address or the bridge interface itself has an IP address.)

@Deviant:

I need to be able to hand out DHCP addresses from the /23 in a 1:1 scenario but use the gateway of the /29.

I don't understand this. Your DHCP clients need a gateway on their own subnet. The gateway is the machine that gets traffic off the subnet. If the gateway is off the subnet, how do the clients get traffic to the gateway?

@Deviant:

How do I get a fully routed DHCP setup so the clients using the /23 are not being routed asymetrically.

I don't understand how asymmetric routing would be possible in the configuration you described.

Unless I've missed something crucial in your description I think you need pfSense WAN interface IP address 32.x.x.24/29 pfSense LAN 175.x.x.1/23 and no bridging. Your DHCP clients will use 175.x.x.1 as their gateway and pfSense will route traffic to the internet over its default route to 32.x.x.23. If your WAN IP address is static (as distinct from DHCP on WAN always giving you the same address) you will probably have to create a gateway (web GUI: System -> Routing, click on Gateways tab) to specify 32.x.x.23 as the default gateway. Since your LAN has public internet addresses you will probably want to disable NAT. Since your ISP has (presumably) given you two subnets I presume they will setup their routing tables so traffic to 175.x.x.x/23 will go to 32.x.x.24 where pfSense will route it onto your LAN.

Thank you wallabybob Changed the Cable modems DHCP subnet and it all works like a Champ.

Thanks

That checks whether that IP is live in the firewall's ARP cache (the only way it can tell if something is alive), if the host hasn't tried to get to the Internet in several minutes it'll show offline.

normal, explained here. http://osdir.com/ml/network.dhcp.isc.dhcp-server/2004-01/msg00287.html

@Darkk:

DynDNS seems to always come up but I read in the forums if they don't receive an update for over 30 days the account will expire?

Most people including myself use DynDNS. The client automatically updates every 25 days if your IP hasn't changed so you don't have to worry about that, my IP generally only changes maybe once or twice a year and I never have to touch it.

I too have wireless on my opt port so I like having the old lease being shown until I delete it myself or it ran out of IPs.

Since most of us have large DHCP scopes the old entries won't get purged until it runs out of fresh IPs.

In your case you could drop the scope down a bit and it will clear itself out.

Darkk

@jimp:

When testing with DNS tools, always end a fully qualified domain name with a "." - otherwise it will assume you want to append your system's search domain.

So to lookup "www.google.com" you must use "www.google.com."

The most common way that you see the behavior you are getting is if "mydomain.com" has wildcard DNS enabled, so it's responding to any query with the same reply.

Due to the search domain being used, it ends up getting a response for a query that usually fails.

So your problem could be solved by disabling wildcard DNS on your domain name.

try without www, don't use it at all.

It can be anywhere a hostname is allowed: firewall aliases, IPsec endpoints, captive portal allowed hostnames, etc.

It might be easier to download a copy of the config.xml (From Diagnostics > Command) and then search through the file to see where it is.

I have it fix by using the IP of the captive portal gateway under Services>Captive Portal>HTTPS Server Name

Hello!

I think you need to bridge WAN and LAN.

/illern

everey interface you assign needs a static IP address.
after saving and applying this you have to go to SERVICES - DHCP server and configure the dhcp server for you interfaces LAN, OPT1, OPT2, OPT3
saving and applying this.
Thats all.

Do you have a router between pfSense WAN interface and Internet? If so pfSense won't normally see changes in the public IP address.

I'm using a pfSense 2.0 snapshot build and the following description applies to pfSense 2.0 which I presume you are using.

When last I looked, if the WAN interface has a private IP address then the public IP address gets polled (by visiting a web site that return just the public IP address) at 1am with a change in public IP address triggering a DNS update (if dynamic DNS is configured).

If you have a modem between pfSense WAN interface and the internet then the WAN interface probably has a public IP address and pfSense can see when that IP address changes and immediately trigger a dynamic DNS update.

I use a dynamic DNS service. I used to have an ADSL modem/router (acting as a router) between the pfSense WAN interface and the Internet. I changed it to a modem to get prompt dynamic DNS updates.

Xtropx…

NP
Thanks for the info and this gives me more understanding on rules....
I see you have setup specific ports for specific services on the WAN side...

Best Regards;

H.

Hi…

that is strange...
If you have the DNS setup and the DNS server is on same inside LAN subnet is it possible the pfSense is using outside DNS gateway server?
I also know Squid can cause naming issues but not sure if this is the issue either as I only ran it on one setup I was using and had name resolution through the gateway... I never checked the DNS on the internal lan as it was a small network with one static IP database.

H.