Netgate SG-1000 microFirewall

Author Topic: Here's how to monitor VPN public addresses using ddns client (no domain needed)  (Read 122 times)

0 Members and 1 Guest are viewing this topic.

Offline TechyTech

  • Jr. Member
  • **
  • Posts: 25
  • Karma: +7/-0
  • It's the little bits that are the biggest problems
    • View Profile
For anyone looking to monitor the dynamically assigned public IP address of any WAN or OpenVPN link but do not want or need to create a public DDNS domain, this is a quick way to dummy up the Dynamic DNS Client custom configuration to retrieve the public IP so it can be displayed on the gui interface using the ddns client widget.

pfSense DDNS uses the configured service under Services >> Dynamic DNS >> Check IP Services to retrieve the public IP address of a DDNS client, then uses the configured Update URL to update an external service, that later of which is not of concern when we just want to see what the external address is and not update an external dynamic domain.

So for this configuration we are only interested in the public IP that is retrieved and don't  care about updating an external dns service, however the GUI requires entering a URL, but allows not verifying the results of the update URL, so we just need a dummy entry that will fail quickly so we can get to displaying the retrieved / cached public IP.

For each interface you wish to monitor the external Public IP, add & configure a DDNS client as follows:

Service Type: Custom

Interface to monitor & Interface to send update: <set both to interface to retrieve public IP for>

Verbose logging: check (as needed for debugging)

HTTP API DNS Options: Check Force IPv4 DNS Resolution

Username / Password: blank

Update URL: http://localhost

Result Match: blank

Description: External IP

That's it.

For each configured ddns client interface pfSense will retrieve and cache the Public IP address, and since we don't care about the update URL or the results, when it fails, you still get an IP lookup that is displayed in the DDNS status and gui widget.

Now just add the DDNS client widget to the gui and have up to date external public NAT'd IP address for each interface.