Netgate Discussion Forum

    DDNS Service

    DHCP and DNS
      BobL4002

      I have pfSense+ set up behind Comcast/Xfinity modem/router. When in Bridge Mode, pfSense/Cloudflare DDNS works fine. When Bridge Mode disabled it does not work. I have tried Port Forwarding on Xfinity modem for ports 80/443 & 53/853 and setting Pass rules on pfSense firewall rules for the WAN interface > no luck. Issue with Bridge Mode is I experience high Packet Loss. I called Comcast but did not get any resolution. Suggestions?

        Dobby_ @BobL4002

        @bobl4002 said in DDNS Service:

        Mode is I experience high Packet Loss. I called Comcast but did not get any resolution. Suggestions?

        Did you enable accepting traffic from private IPs
        in the WAN menu?

        Interfaces > WAN menu
        wanmenue.jpg

        #~. @Dobby

        Turris Omnia - 4 Ports - 2 GB RAM / TurrisOS 7 Release (Btrfs)
        PC Engines APU4D4 - 4 Ports - 4 GB RAM / pfSense CE 2.7.2 Release (ZFS)
        PC Engines APU6B4 - 4 Ports - 4 GB RAM / pfSense+ (Plus) 24.03_1 Release (ZFS)

          BobL4002 @BobL4002

          @bobl4002 Thanks for input. I did try your suggestion and in addition to Applying the Changes, I also did Power Off/On of my device. DDNS entry to Cloudflare account still not active.

            SteveITS Galactic Empire @BobL4002

            @bobl4002 What is the “it” that doesn’t work? DDNS doesn’t update your IP? What does the log show for an attempt?

            If your issue is port forwarding then either the Xfinity router needs to forward ports or put your router in its DMZ to forward all ports.

            Allowing 443 on WAN will let the Internet log in to pfSense, not a good idea. A NAT rule would forward that port to a server on your LAN.

            Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
            When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
            Upvote 👍 helpful posts!

              BobL4002

              That is correct > DDNS service. I have it configured under Services/Dynamic DNS, using a client connection to CloudFlare. It works fine if Xfinity router in Bridge Mode, providing pfSense with Public IP address. When Bridge Mode disabled, Xfinity router assigns a 10.0.0.xxx IP address to pfSense.

              I have now Port Forwarded 53/853 (DNS designated ports) to pfSense on Xfinity router and unchecked the boxes on Interfaces/WAN in pfSense. Also set up Firewall Rules/WAN to allow these ports with destination to "This Firewall". DDNS client still shows as inactive.

              My issue with using Xfinity modem/router in Bridge Mode is that there is extreme Packet Loss. For some reason Bridge Mode assigns public IP from completely different IP range than the non-Bridge Mode. Spent most of day yesterday with Xfinity TechSupport trying to resolve > no luck there.

              Thanks for your input.

                SteveITS Galactic Empire @BobL4002

                @bobl4002 Any inbound port forwarding or firewall rules on WAN are completely unrelated to DDNS IP detection and should be removed unless you're trying to let the Internet access your router or network.

                Per the DDNS "edit" page (services_dyndns_edit.php) "If the interface IP address is private the public IP address will be fetched and used instead." If that's not working try running the DDNS client on a PC behind pfSense.

                1 Reply Last reply Reply Quote 0
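
The address selection described in the reply above, as an added example that is not pfSense's own code: a DDNS client behind a second NAT router decides outbound-only whether the WAN address can be published or must be replaced by one learned from a check-IP service, and refuses to publish a private or ambiguous answer. The function names, the network list and the sample reply format are assumptions made for illustration.

```python
import ipaddress
import re

# Ranges that must never end up in a public DNS record.
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918 private
    "100.64.0.0/10",                                  # carrier-grade NAT (RFC 6598)
    "127.0.0.0/8", "169.254.0.0/16", "0.0.0.0/8",     # loopback, link-local, unspecified
)]

# Constructed sample reply from a check-IP web service (assumed format;
# 203.0.113.45 is a documentation address, not a real host).
SAMPLE_CHECKIP_BODY = (
    "<html><head><title>Current IP Check</title></head>"
    "<body>Current IP Address: 203.0.113.45</body></html>"
)

_IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def is_publishable(ip):
    """True if ip is a valid IPv4 address outside every NON_PUBLIC range."""
    try:
        addr = ipaddress.IPv4Address(ip)
    except ValueError:
        return False
    return not any(addr in net for net in NON_PUBLIC)


def parse_checkip(body):
    """Return the single publishable IPv4 address in a reply, else None."""
    found = set(_IPV4.findall(body))
    if len(found) != 1:
        return None  # empty or ambiguous reply: do not guess
    ip = found.pop()
    return ip if is_publishable(ip) else None


def address_to_publish(wan_ip, checkip_body=None):
    """Pick the address for the DNS record; None means skip this update."""
    if is_publishable(wan_ip):
        return wan_ip  # bridge mode: the interface already holds the public IP
    if checkip_body is None:
        return None    # double NAT and no lookup result yet
    return parse_checkip(checkip_body)
```

Nothing in this flow accepts an inbound connection, which is why WAN pass rules and port forwards have no effect on it.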
                  BobL4002

                  At suggestion of Xfinity rep, I exchanged the DB7 modem/router for newer DB8. Now when I enable Bridge Mode all works fine. I pulled an IP address from a completely different block of IP addresses. Not sure how they go about assigning the IP addresses. Now the issue with DDNS running in non-Bridge Mode is a moot point. Thanks again for your assistance.

                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.