HOW TO OPEN PORT FIREWALL FOR Dynamic DNS

hoba

I don't really understand the question. Are you providing services (like hosting a webserver) to the public that can be accessed by a dyndns-account and have problems to open your webserver to the world or are you having problems updating your dyndns account?

mohdhizami

i so sorry my english not so good… i hope u can understand... :-[

1.can u teach me how to setting Dynamic DNS and i has register with dynDNS

2.i want use my dynDNS from internet to monitor my pfsense

3.or want must i do first... ??? ???

plzz help me....

hoba

To make the pfSense update a dyndns account you have to configure setting at services>dyndns in the webgui. This will only work if the pfSense sits at a real public IP with it' WAN and not behind another natted router.

To access your pfSense from the internet you have to open the needed ports at firewall>rules, WAN. Create a rule like:
pass, protocol, tcp, source any, destination WAN-ADDRESS, port HTTP, gateway default.

This should work if the webgui still sit's at port 80. However it's recommended to set it to HTTPS and run it at a more random port when open to the public. You can change that at system>general.

mohdhizami

what u mean "This will only work if the pfSense sits at a real public IP with it' WAN and not behind another natted router."

my pfsense get ip from modem.

–-----my lan (192.168.2.x)
my modem ip 192.168.2.2---
-------my pfsense wan server (192.168.2.3)--- on pfsense lan ip (192.168.1.1)

sorry i don not how to explain you but this image on my network

plzz help me.. :P

Bredys

Its double NAT. You dont have public ip on pfsense wan interface. You cannot reach pfsense wan ip from net.
What modem you have? ADSL? If your provider giving you public ip you must disable nat on your adsl modem and switch modem to transparent /bridge/ mode, and than configure pfsense wan to PPPoE…

mohdhizami

i use modem linksys AM300.. ADSL..

Bredys

Ups… i dont see your diagram before...
Still i dont know if you have public IP from your provider... on ADSL modem wan side.
If yes, it will be better put your PFsense right behind your ADSL modem (set in transparent mode) and equip PFsense with 3 ehternet ports. (1 for wan, 1 for lan and 1 for optional wifi)

mohdhizami

i use Dynamic ip…
wan ip for pfsense 192.16.2.3
lan ip for pfsense 192.168.1.1

??? ???

Bredys

Im asking for your internet IP not pfsense IP…

Oki... i think your network will be easier if you follow my diagram:
Red zone is secure zone for wifi (you can set rules on pfsense)
Green zone is your lan

If you remain on your layout, you need to create a nat rule on our ADSL modem that nat traffic from some external port to internal IP of your PFSense (ex. wan IP, port 9999 to 192.168.2.3, port 80 or 443) and then on your wan interface on PFSense allow port 80 or 443.

lan.png_thumb

mohdhizami

Ooo… ok... tq my friend... :D :D

if i want control my speed at wifi 384kbps and lan 1mbps still can.? or not..???

if can, can u teach me.. ;D ;D

mohdhizami

i have follow your diagram:

but i can enter my pfsense from internet..???

plzz help mee… :'( :'(

Bredys

If your ADSL modem is transparent you must set new rule in Wan that allow traffic from internet to port 80 or 443 (or your selected port for webgui)

mohdhizami

TQ is work…. you are the best.... :D :D :D