Last Updated on August 15, 2022 by Thiago Crepaldi
In a previous post, we have been through the steps to setup DuckDNS DDNS on your pfSense. However, if you are using CloudFlare as your DNS provider, it makes sense to configure it to also provide a Dynamic DNS for your domain. It is worth remembering that CloudFlare has a free version to manage your personal domain, and pfSense support its DNS out of the box, with an official plugin.
Cloudflare setup
In order to create dynamic DNS records on CloudFlare, you have to obtain your Global API Key as described in a previous post about issuing Let’s Encrypt certificates using CloudFlare. It is a straight forward process, which consists of going to your My Profile page, clicking API tokens and click on View at the Global API key row. After that, go to the DNS management page and click Add record and do as follows:
- Type: A
- Name: ddns (or any other subdomain name that you like)
- Content: 0.0.0.0 (pfSense will update to your real IP later)
- TTL: 15 min
- Proxy status: DNS Only
Click Save and your job is done on CloudFlare
pfSense Setup
Now that you have an A record for your sub-domain and the Global API Key, on your pfSense, go to Services >> Dynamic DNS page. Click on Add button and fill in the form as follows:
- Disabled: unchecked
- Service type: CloudFlare
- Interface to monitor: WAN
- Hostname: ddns or whatever A record was created
- Domain name: yourdomain.com or whatever is your domain name
- Cloudflare Proxy: unchecked
- Verbose logging: unchecked
- Username: the email used during your CloudFlare account creation
- Password: use your Global API Key here
- TTL: 900s or any period you prefer
- Description: Any descriptive message will do
Click on Save. If you entered all correct information, right after saving, you will be redirected to the Dynamic DNS clients page and see your public IP set on Cached IP column. If it shows 0.0.0.0, something went wrong. Click on edit button, check the Verbose logging box, click on Save and force update and go to Status >> System Logs to get the error message. You probably got a typo and the log will show more details. Once you get running, don’t forget to edit your configuration one more time to disable Verbose logging! That is it!