• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Help with bind package and dynamic dns server by my own and ecme package

Scheduled Pinned Locked Moved pfSense Packages
2 Posts 2 Posters 632 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • L
    luisenrique
    last edited by Jan 9, 2019, 3:54 PM

    Hello, before all sorri about my english
    I have two servers dns on primary and secondary pfsense, we need multidomain certificates with letsencrypt and we must validate our domain through dynamic dns and there is our doubt, we do not have access to external providers to our network to host the txt registry for validation or make a CNAME(maybe in future), and we want to do in our own pfsense dynamic server with bind package, I read but almost all the guides refer to configure pfsense as a client and using an external dynamic dns (noip, dyndns, ...) but not in the pfsense itself the package bind installed a dns2136 (maybe it is a problem of my interpretation) I read this article https://www.netgate.com/docs/pfsense/dns/rfc2136-dynamic-dns.html
    I need to clarify since I have followed the steps but when I try to validate my domain to request the certificate I receive an error when trying to update the txt registry for my invalid TSIG domain.
    I have created my key on Bind DNS Setting Global options.
    then in the configuration of the ecme package I specify this key and it gives me the same error, am I omitting something? please clarify me.
    if I have access to a free dynamic dns provider, I can create an alias to my domain, for example:
    midominio.cu -> CNAME midominio.noipdns.com host my txt record in that dynamic provider only for validation ... excuse my ignorance I am new to this topic, my other question is how can I bind it in pfsense to make it dynamic and On that same server using the ecme package to validate and update the txt registry on the same server box.
    regards and sorry about my english

    1 Reply Last reply Reply Quote 0
    • G
      Gertjan
      last edited by Jan 10, 2019, 6:09 PM

      @luisenrique said in Help with bind package and dynamic dns server by my own and ecme package:

      https://www.netgate.com/docs/pfsense/dns/rfc2136-dynamic-dns.html

      To get you started : check out the link again. Read everything several times.
      Using a script or program (like nsupdate) locally, or remotely, works great but every bit counts here : one slightest error and your ko.

      The big hint is here https://www.netgate.com/docs/pfsense/dns/rfc2136-dynamic-dns.html - the last line :
      And that should be it. Assuming the firewall has connectivity to the name server, and there are no other access policies that would prevent the update, RFC2136 DynDNS service is now working. Should anything not work as expected, check the system log and/or the log on the name server.

      The last 6 six words will gie you the solution : check out bind's log files (they have to be set up of course).
      They tell you how the update went, and what failed.

      No "help me" PM's please. Use the forum, the community will thank you.
      Edit : and where are the logs ??

      1 Reply Last reply Reply Quote 1
      2 out of 2
      • First post
        2/2
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
        This community forum collects and processes your personal information.
        consent.not_received