Netgate Discussion Forum

Azure Dynamic DNS setup help

DHCP and DNS
  • altano, Dec 29, 2018, 11:18 AM

    Does anyone know how to set up Dynamic DNS with Azure? I set up everything as best as I could figure (without instructions) but my IP won't update and the logs have a 403 error:

    Dec 29 02:31:33 	php-fpm 	92151 	/services_dyndns_edit.php: Beginning configuration backup to .https://acb.netgate.com/save
    Dec 29 02:31:34 	php-fpm 	92151 	/services_dyndns_edit.php: End of configuration backup to https://acb.netgate.com/save (success).
    Dec 29 02:31:34 	php-fpm 	92151 	/services_dyndns_edit.php: Dynamic DNS: updatedns() starting
    Dec 29 02:31:34 	php-fpm 	92151 	/services_dyndns_edit.php: Dynamic DNS azure (example.org): NN.NN.NN.NN extracted from local system.
    Dec 29 02:31:34 	php-fpm 	92151 	/services_dyndns_edit.php: Dynamic DNS (example.org): running get_failover_interface for wan. found igb0
    Dec 29 02:31:34 	php-fpm 	92151 	/services_dyndns_edit.php: Dynamic DNS azure (example.org): _update() starting.
    Dec 29 02:31:34 	php-fpm 	92151 	/services_dyndns_edit.php: Dynamic DNS azure (example.org): _checkStatus() starting.
    Dec 29 02:31:34 	php-fpm 	92151 	/services_dyndns_edit.php: phpDynDNS (example.org): PAYLOAD: 403
    Dec 29 02:31:34 	php-fpm 	92151 	/services_dyndns_edit.php: phpDynDNS (example.org): (Unknown Response) 
    

    To set this up I:

    1. Created an "App registration" in Azure
    2. Under that app registration I created a "Client secret"
    3. Created a DNS Zone for the domain and pointed my name servers at the Azure name servers
    4. Created a Dyn DNS client in pfSense with:
      • Service Type = Azure DNS
      • Interface to monitor = WAN
      • Hostname = my domain, let's say example.org
      • Username = A GUID copied from "Application (client) ID" in the Azure app registration
      • Password = The client secret I created above
      • Zone ID = the resource id of the DNS Zone, looks like /subscriptions/<GUID>/resourceGroups/<resource group>/providers/Microsoft.Network/dnszones/example.org
      • TTL = 900

    What can I do differently to get this to work?

    • altano, Dec 30, 2018, 2:24 AM

      I was missing this step:

      1. Go to DNS Zone in Azure
      2. Click "Access Control (IAM)"
      3. Click "Add" button under "Add role assignment"
        • Role = DNS Zone Contributor
        • Assign access to = Azure AD user, group, or service principal
        • Select = <Application ID guid from App Registration>

      I'm not sure if this is correct, but it is working.

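The role assignment described in the reply above, written as Azure CLI commands with a guard that refuses any scope wider than a single DNS zone. This is an added example, not code from the poster or from pfSense. It assumes the `az` CLI is installed and logged in; the function names are hypothetical and the IDs you pass are your own.

```shell
#!/bin/sh
# Added example: grant the pfSense app registration "DNS Zone Contributor"
# on one DNS zone only. Function names are hypothetical (not from pfSense).

# Succeeds only if $1 is a DNS zone resource ID, i.e. not a subscription or
# resource-group scope, which would grant far more than DDNS needs.
is_zone_scope() {
    printf '%s\n' "$1" | grep -Eiq \
'^/subscriptions/[0-9a-f-]{36}/resourceGroups/[^/]+/providers/Microsoft\.Network/dnszones/[^/]+$'
}

# Succeeds if $1 has the GUID shape of an "Application (client) ID".
is_guid() {
    printf '%s\n' "$1" | grep -Eiq \
'^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$'
}

# Validate both inputs and print the command for review before running it.
build_assign_cmd() {
    is_guid "$1" || { echo "bad application ID" >&2; return 2; }
    is_zone_scope "$2" || { echo "scope is not a single DNS zone" >&2; return 3; }
    printf 'az role assignment create --assignee %s --role "DNS Zone Contributor" --scope %s\n' \
        "$1" "$2"
}

# Create the assignment, then list the roles the principal holds at that scope.
assign_and_verify() {
    build_assign_cmd "$1" "$2" >/dev/null || return
    az role assignment create --assignee "$1" \
        --role "DNS Zone Contributor" --scope "$2" &&
    az role assignment list --assignee "$1" --scope "$2" \
        --query '[].roleDefinitionName' --output tsv
}

# Only touches Azure when called as: ./script.sh APP_ID ZONE_RESOURCE_ID
if [ "$#" -eq 2 ]; then assign_and_verify "$1" "$2"; fi
```

The 403 in the first post is consistent with a client ID and secret that authenticate but hold no role on the zone; the listing step should print `DNS Zone Contributor` once the assignment exists.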
      • altano, Dec 30, 2018, 1:01 PM (last edited by altano Dec 30, 2018, 1:21 PM)

        I spoke too soon: the record that got created is for example.com.example.com. I guess I should be specifying @ or nothing as the hostname so that the correct record gets set, but pfSense just tells me "The hostname contains invalid characters." when I try those values.

        EDIT: I was able to work around this by creating an A alias record in the Azure DNS Zone from @ to example.com. This is a dumb workaround though, I'd rather pfSense just updated the correct record in the first place.

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.