Configuring IP Address Check Services for Dynamic DNS

pfSense® software supports custom IP address check services. These services are used by Dynamic DNS clients to determine the public IP address of the firewall when a WAN interface is behind an upstream NAT device.

To create or edit one of these services, navigate to Services > Dynamic DNS on the Check IP Services tab.

Settings

The following settings are available for a service entry:

Enable:

Allow this service to be used by Dynamic DNS clients.

Name:

A short name to identify this service.

URL:

The full URL to the IP address check page.

Username/Password:

Optional authentication to use when accessing the URL.

Verify SSL Peer:

Check this box if the server has a self-signed SSL certificate or a certificate from a CA that is not trusted by the firewall.

Description:

A longer description of this service.

Once a service is defined, it may be selected on individual Dynamic DNS service entries.

Server-Side Configuration Examples

Hosting one of these services is very simple. The server page need only print the requesting client IP address in the expected format:

Current IP Address: x.x.x.x

nginx (internal/native)

location /ip {
    default_type text/html;
    return 200 "<html><head><title>Current IP Check</title></head><body>Current IP Address: $remote_addr</body></html>";
}

nginx (internal with LUA)

location = /ip {
    default_type text/html;
    content_by_lua '
        ngx.say("<html><head><title>Current IP Check</title></head><body>Current IP Address: ")
        ngx.say(ngx.var.remote_addr)
        ngx.say("</body></html>")
    ';
}

PHP

<html>
     <head>
             <title>Current IP Check</title>
     </head>
     <body>
             Current IP Address: <?=$_SERVER['REMOTE_ADDR']?>
     </body>
</html>