3rd Party DDNS Service
I cannot find any functionality in Firewalla Gold that allows a 3rd party DDNS service to be set up - specifically DynDNS. Is this correct? And, if so, is there any plan to add such functionality? Thank you.
-
What firewalla DDNS does is to provide you with a constant pointer to your IP address that may be changing. You really do NOT need a third party DDNS service to get this. If you need a better / friendly name that ends with firewalla.org, please let us know, as this will cost us to implement.
If you have your own domain already, the best way to use the firewalla DDNS is to map it using CNAME https://en.wikipedia.org/wiki/CNAME_record
-
Thank you for your reply. I do have a "friendly" DDNS name through DynDNS (and my own domain) - I should have been more clear in my initial post - I see how to use the built-in Firewalla DDNS, but that URL ain't gonna stick in my head... I'll try to figure out the CNAME process. BTW, I've had my Firewalla Gold running for about two hours now, and I'm VERY impressed...
-
Okay... I've read the Wikipedia page on CNAME mapping - and I'm pretty lost.
If my domain is xyz.com, and I want the URL <xyz.com:9999> to point to my Firewalla DDNS <blahblah.d.firewalla.org>, do I modify the CNAME record for xyz.com? I assume that's the case...so I need to point the CNAME for xyz.com *to* blahblah.d.firewalla.org? Am I even close?
-
You can not port to a port mapped domain like xyz.com:9999 to something else without a port. The port mapping part is likely to be 999 on xyz.com and 999 on firewalla ddns.
Now what you need to do is create a domain, say "something.xyz.com" and have it mapped to the ddns given by firewalla via CNAME. How CNAME works depends on the service provider, examples here
https://www.godaddy.com/help/add-a-cname-record-19236
https://aws.amazon.com/premiumsupport/knowledge-center/route-53-create-alias-records/
-
I believe I've already figured this out! Surprising the heck out of myself...
At my registrar (Dreamhost), I added a CNAME record that pointed <remote.xyz.com> to <blahblah.d.firewalla.org>.
That way I'm not messing with my regular xyz.com site.
Amazingly, this seems to be working! I'm setting Port Forwarding rules in the Firewalla iOS app, and my requests are being directed correctly. It couldn't be easier.
Thank you for your assistance!!!
-
I use Cloudflare to point to my home network for access to a few devices. I wrote this script to check my IP and update it on Cloudflare. Note, that because I'm using dual WAN I check the ISP and only update it if it is my primary ISP. Otherwise I skip the update.
Of course I run this at Firewalla startup and using crontab.https://gist.github.com/mbierman/d4c6aac8e741fb0cbb289ce1899df59a
-
I find the lack of 3rd party DDNS a little depressing. Such a simple feature that’s on every other router I’ve ever installed. Now I can’t redirect or web hop on dyndns account cuz I need the ports carried through from client to their destination and if I decide to keep this Firewalla gold I’ll have to rewrite the code in dozens of client’s systems that I have set up to connect to my server daily to deposit a daily sitrep log. My cisco router died just before the new year and I’ve used the gold before but never looked at the ddns setting.
-
I too would like support for 3rd Party DDNS. I'm not interested in publishing across DNServers through a firewalla.org CNAME pointer, that I and my business (perhaps VPN, FTP and website) are probably behind a Firewalla router, or any other information that might make a hacker's job easier. If there is ever an identified vulnerability in Firewalla, a hacker could easily search DNS's worldwide for anything that matches "firewalla.org" in a CNAME, and easily find potential victims.
I'd also really rather that there be NO publicly available "firewalla.org" DNS entry be pointing at my router's IP address, for the same reason. This is a rather significant security concern.
-
I just got a Firewalla Gold and finding out that a simple feature that it is implemented on my ~$100 Asus router and not here is a little bit disappointed.
I'll stick to my Firewalla for now because it has a lot of pros but I hope you guys can come with a solution. I have been using Noip for my DDNS for years and it does not let me apply CNAME to my main hostname. Now what can i do!?
I also strongly agree with @Danny Joe, this is could be a security problem. Also talked here https://www.reddit.com/r/firewalla/comments/i4h026/disable_firewalla_ddns/. We should have the option to disable this if we don't want it.
I hope you guys really do something about it. Thanks
-
While I completely agree this should be more powerful than it is, as a CNAME doesn't solve all use cases for ddns, if you have a docker compatible firewalla box, you could run this docker DDNS updater to handle it:
Note: I have no affliation with this project or firewalla, just trying to add helpful ideas to the thread, as this is probably my number 1 missing feature on setting this new $600 firewall up and turning off opnsense..
https://hub.docker.com/r/qmcgaw/ddns-updater/ -
-
You should easily install these via a docker container; please see https://github.com/tjhackzy/cloudflare-ddns-v2 for example. Cloudflare, I am very sure you can find others.
Please sign in to leave a comment.
Comments
17 comments