Important

Netgate is offering COVID-19 aid for pfSense software users, learn more.

Configuring IP Address Check Services for Dynamic DNS

pfSense® software version 2.3.3 and later support custom IP address check services. These services are used by Dynamic DNS clients to determine the public IP address of the firewall when a WAN interface is behind an upstream NAT device.

To create or edit one of these services, navigate to Services > Dynamic DNS on the Check IP Services tab.

Settings

Fill out the form fields on the page as follows:

  • Enable: Allow this service to be used by Dynamic DNS clients

  • Name: A short name to identify this service

  • URL: The full URL to the IP address check page

  • Username/Password: Optional authentication to use when accessing the URL

  • Verify SSL Peer: Check this box if the server has a self-signed SSL certificate or a certificate from a CA that is not trusted by the firewall.

  • Description: A longer description of this service

Once a service is defined, it may be selected on individual Dynamic DNS service entries.

Server-Side Configuration Examples

Hosting one of these services is very simple. The server page need only print the requesting client IP address in the expected format:

Current IP Address: x.x.x.x

nginx (internal/native)

location /ip {
    default_type text/html;
    return 200 "<html><head><title>Current IP Check</title></head><body>Current IP Address: $remote_addr</body></html>";
}

nginx (internal with LUA)

location = /ip {
    default_type text/html;
    content_by_lua '
        ngx.say("<html><head><title>Current IP Check</title></head><body>Current IP Address: ")
        ngx.say(ngx.var.remote_addr)
        ngx.say("</body></html>")
    ';
}

PHP

<html><head><title>Current IP Check</title></head><body>Current IP Address: <?=$_SERVER['REMOTE_ADDR']?></body></html>