Dynamic DNS client can't determine public IP from behind NAT router



  • I have a pfSense install with two WANs, both are provided by upstream NAT routers. My two interfaces on pfSense are both in the DMZ of their respective upstream router, but are provided local IP addresses.

    Due to another problem I am currently experiencing, I have a strong need for dynamic DNS. However, pfSense is unable to determine the public IP for either interface. I have disabled the built in 'check IP' service and added 3 others - my own hosted script and two public ones. If I curl these URLs from pfSense command line it correctly returns the public IP.

    In the logs I can see it is failing to determine the public IP for an unknown reason.

    Nov 29 22:11:44 php-fpm 338 /rc.dyndns.update: Dynamic DNS (ddns1.mydomain.com) There was an error trying to determine the public IP for interface - Failover (em1 ).
    Nov 29 22:11:45 php-fpm 338 /rc.dyndns.update: Dynamic DNS (ddns2.mydomain.com) There was an error trying to determine the public IP for interface - opt1 (em2 ).

    I am using Cloudflare DDNS.