Sounds like they need a systems administrator on site.

Dyndns services simply resolve a given hostname to your IP, they don't touch any of your traffic to your hostname. Short of getting a VPS or other server out on the Internet somewhere and connecting to it instead and having it do the port rewriting magic via netcat or similar, there isn't a solution for that.

You almost certainly don't want to have dhclient running on eth0 since that is likely to result in two different MAC addresses asking for DHCP configuration from your ISP (unless your cable modem is acting as a DHCP server). Have you checked the pfSense firewall log for signs DHCP requests has been blocked by the firewall? Have you done a packet capture in pfSense to look for DHCP traffic? @otakucode: Am I correct in thinking that if it were receiving requests, they would be recorded in the DHCP logs? Yes @otakucode: If I tell the machine to use DHCP, I end up with a garbage IP (169.x.x.x). That is the usual consequence of a machine not receiving DHCP response. @otakucode: In the VM, both the LAN and WAN connections are set to be bridged to the two physical NICs, one connected to my LAN, the other to my cable modem.  In Ubuntu, in the /etc/network/interfaces file I configured the WAN-connected interface (eth0) to receive no IP, and the other interface is set up with eth1:1 with a static IP, and eth1 with no IP. I'm not as familiar with Linux networking as I am with FreeBSD networking. What the meaning of an interface name like eth1:1? VLAN with VLAN tag 1 on physical interface eth1? @otakucode: I did notice both my adapters are now in promiscuous mode, which is apparently necessary for the bridged networking to function. Yes.

What? what is this fqdn of the phone server?  phoneserver.something.tld ? Then for something.tld you are forwarding it where?  What nameserver are you forwarding it to that can resolve hosts in something.tld? Do you have access to this server?  Can you directly query it and it resolves your phoneserver.something.tld Or do you just wan your pfsense to return IP X, say 1.2.3.4 when you ask for phoneserver.something.tld - you can have the forwarder return whatever IP you want for whatever host you want.  You do not have to forward to another server to ask for the IP of the fqdn.

Hey Guys, I really made a very, very stupid mistake :(. Seems like everything happened because I gave my client via static DHCP the same IP as the LAN interface of the pfSense machine. I just did not use my eyes nor my brain. Thanks for your support!

I'll give that a try, thanks

I have submitted this as bug to freebsd, just waiting on confirmation that it was taken, will post link to report as soon as I get it here in this thread. Ok the problem has been posted - you can follow it here http://www.freebsd.org/cgi/query-pr.cgi?pr=170279

@NOYB: Complaining to ISC wouldn’t help either.  Even if they made the change, by the time pfSense upgraded to a version of FreeBSD that used it, IPv6 would be a distant footnote in internet history.   ;) LOL, funny but not entirely accurate. Actually just in the past few months pfSense has upgraded several packages (e.g. the above mentioned ISC dhcpd, or lighttpd) to their very latest stable version, mostly to address vulnerability issues. Anyway, I know what you meant, but it's a direct consequence of the development model. Unless someone is willing to fund a certain pfSense feature, it might take years before it's implemented (just look at how long it took for the Snort package).

I set this MAC to static IP and block this IP from accessing anything at Firewall Rules. I can't even manually delete this DHCP lease. What a strange?  :o

The client you're pinging/resolving from - is it actually using pfSense as its DNS server? If it resolves from Diag > DNS, then it would from clients using pfSense as their DNS server. If it's using some other DNS server, it may be finding fiinas by NBNS and not DNS.

If they are static IP addresses, why do they need to be set using a dyn dns agent?  Just go to your dyn dns service and set them.  Since they are static they should never change.

Activated rules DHCP Registration and Static DHCP in the tab Services: DNS forwarder and it worked. Thanks for the advice!

Thank you, wallabybob and GruensFroeschli, for your suggestions. I bridged the two connections as suggested and it worked!  Now everything gets an IP address in the 192.168.1.x range, and everything can see each other. In case anyone else is wondering, here are the instructions I used: http://forum.pfsense.org/index.php/topic,20917.0.html

http://snapshots.pfsense.org/

take a look on https://github.com/bsdperimeter/pfsense-packages ipguard is a small package that you can base yours.

1.2.2 … well I would upgrade ... there are no patches or any development going on for that version. Try 1.2.3 if you cannot move out of the 1.2 series. I would highly recommend moving to 2.0. Most likely that issue has been fixed since then.

Look at Captive Portal Pass Through MAC as that may do what you need.

Well MAC address works only in local lan, and can't never go "through/over" router.. that's why ip-addresses are invented. But you could do dhcp-reservation for this mac address and make firewall rule to allow only one ip-address, and that is the same with the reservation