Dynv6 with pfsense
-
Does anybody know, how to setup dynv6 in pfsense? Is it possible? I have only DS-Lite and want to setup openVPN. Therefore I need an IPv6-dyndns.
Thanks in advance
haunted -
Ok, I made it with spdyn. It works.
But then…I setup an IPv6-Host in spdyn and if I type the adress of this host, I get the webgui for login to pfsense! Shock!
Shouldn't the webGUI be blocked on WAN by default? I have no rules on WAN, exept the "Block private networks" and "Block bogon networks".How to block the WebGUI on WAN or make it like "only on LAN", but still can use openVPN as server on pfsense? Can't find the right "buttons". Fear!
I stopped it again for reasons of precaution.Thanks in advance
haunted -
" I get the webgui for login to pfsense! Shock!"
And where are you putting in this IPv6 address when you get the webgui?
If your on the lan side of pfsense then yes you can hit the wan IP since normally the lan rules where your coming from are any any. But if you were coming from wan side then yes the default rules are block any.. And you would not be able to access the webgui from the wan side unless you allow for it.
-
Hello johnpoz,
thanks a lot for your reply and explanation! I got it. :-*
Back to the topic:
I also got dynv6 running.
Under "Services" -> "Dynamic DNS" one has to choose a "Custom"-entry in "Service Type".
Username and password isn't needed, only the update-url. How to build this can be found in the dynv6-documentation https://dynv6.com/docs/apis.
url-examples are shown in the linked script.Many greetings.
-
Both username and password are filled with token, then it works fine
-
@netgate_etagten I realize this is an old thread, but it is the only one "on topic" and your comment is from last year, so...
Under pfSense 24.11-RELEASE (amd64), this does not work with the Token in the user name and password fields. It fails in all my attempts.
However building a Custom entry with the following URL:
https://dynv6.com/api/update?ipv6=auto&hostname=YourHostName.dynv6.net&token=YourHTTPTokenworks just fine. It is odd that it does not work, since Redmine Feature #9642 calls it out as completed back in 2017. Regression perhaps?
-
If your prefix is consistent, you don't need DynDNS. I've had the same prefix for almost 6 years and just use a regular DNS server.
