Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DDNS not functioning after router change

    Scheduled Pinned Locked Moved DHCP and DNS
    12 Posts 3 Posters 666 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      James92 @SteveITS
      last edited by

      @SteveITS Sorry, poor wording on my part. The DDNS client within PFSense is pulling the correct IP, and is functioning in that respect but the hostname does not work when trying to connect.

      S 1 Reply Last reply Reply Quote 0
      • S
        SteveITS Galactic Empire @James92
        last edited by

        @James92 If you are connecting from LAN ensure reflection is enabled for the rule.

        If you are connecting from the Internet, then if your pfSense has a public IP it should just need ports forwarded. If it is not a public IP then the ISP router has to also forward the same ports. Or if using CG-NAT there is no way to do incoming outside of a VPN relay.

        3389 is Remote Desktop, are you sure you want that enabled from the entire Internet?

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote ๐Ÿ‘ helpful posts!

        J 1 Reply Last reply Reply Quote 0
        • J
          James92 @SteveITS
          last edited by

          @SteveITS

          This is for connection from the internet, LAN is not relevant as a client device exists that can monitor the equipment locally. The router has a public IP but the firewall is within a private network (192.168.1.x). Would the router need to mirror all related port forwarding rules on the firewall? Currently only HTTP and HTTPS are forwarded.

          It isn't CG-NAT, that was a prior issue which has now been resolved.

          3389 was recommended by DynDNS but I have since disabled as it seems this is not necessary at all.

          S V 2 Replies Last reply Reply Quote 0
          • S
            SteveITS Galactic Empire @James92
            last edited by

            @James92 Yes the ISP router would need to forward the ports also. Or on most routers you can forward all ports if it has a DMZ setting, by setting pfSense as its DMZ.

            Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
            When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
            Upvote ๐Ÿ‘ helpful posts!

            J 1 Reply Last reply Reply Quote 0
            • J
              James92 @SteveITS
              last edited by

              @SteveITS I tried setting it as a DMZ to be honest but I didn't try to mirror all port forwards. I'll fiddle with that and see if it brings any joy, thank you.

              1 Reply Last reply Reply Quote 0
              • V
                viragomann @James92
                last edited by

                @James92
                If your router has a static IP, why do you need DDNS at all? Just configure your public DNS to point to its WAN IP.

                However, on the outer router incoming traffic has to be forwarded.
                Do you have your own public IP on this router? Or is it just one shared to all?
                If the IP is shared, note that e.g. HTTP access to it can only be forwarded to a single device (router) behind.

                J 1 Reply Last reply Reply Quote 0
                • J
                  James92 @viragomann
                  last edited by

                  @viragomann I have explained to the team that now it is static they are best to move away from DDNS. This was more a temporary measure to get the network back up and running as it is a key part of critical infrastructure.

                  There is only one public IP on the router, so shared amongst all clients however all the other clients that are separate from our network are just connected via DHCP. As such, forwarding HTTP to our firewall shouldn't be a problem.

                  V 1 Reply Last reply Reply Quote 0
                  • V
                    viragomann @James92
                    last edited by

                    @James92 said in DDNS not functioning after router change:

                    I have explained to the team that now it is static they are best to move away from DDNS. This was more a temporary measure to get the network back up and running as it is a key part of critical infrastructure.

                    Your topic is "DDNS not functioning after router change". So I'm wondering, what's your problem now if it's not DDNS.

                    J 1 Reply Last reply Reply Quote 0
                    • J
                      James92 @viragomann
                      last edited by

                      @viragomann short term the DDNS is the issue. The network has been running DDNS for years (since we didn't have a static IP).
                      Long term it will be switched to DNS based on the static IP but that isn't possible immediately (although, given the DDNS connection isn't working currently there may be no choice)

                      V 1 Reply Last reply Reply Quote 0
                      • V
                        viragomann @James92
                        last edited by

                        @James92
                        And what doesn't work exactly?

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.