3rd Party DDNS Service

Comments

17 comments

  • Avatar
    Firewalla

    What firewalla DDNS does is to provide you with a constant pointer to your IP address that may be changing.   You really do NOT need a third party DDNS service to get this.  If you need a better / friendly name that ends with firewalla.org, please let us know, as this will cost us to implement.

    If you have your own domain already, the best way to use the firewalla DDNS is to map it using CNAME  https://en.wikipedia.org/wiki/CNAME_record

     

    1
    Comment actions Permalink
  • Avatar
    Hans Tobeason

    Thank you for your reply.  I do have a "friendly" DDNS name through DynDNS (and my own domain) - I should have been more clear in my initial post - I see how to use the built-in Firewalla DDNS, but that URL ain't gonna stick in my head...  I'll try to figure out the CNAME process.  BTW, I've had my Firewalla Gold running for about two hours now, and I'm VERY impressed...

    0
    Comment actions Permalink
  • Avatar
    Hans Tobeason

    Okay...  I've read the Wikipedia page on CNAME mapping - and I'm pretty lost.

    If my domain is xyz.com, and I want the URL <xyz.com:9999> to point to my Firewalla DDNS <blahblah.d.firewalla.org>, do I modify the CNAME record for xyz.com?  I assume that's the case...so I need to point the CNAME for xyz.com *to* blahblah.d.firewalla.org?  Am I even close?

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    You can not port to a port mapped domain like xyz.com:9999 to something else without a port.   The port mapping part is likely to be 999 on xyz.com and 999 on firewalla ddns.  

    Now what you need to do is create a domain, say "something.xyz.com" and have it mapped to the ddns given by firewalla via CNAME.   How CNAME works depends on the service provider, examples here

    https://www.godaddy.com/help/add-a-cname-record-19236

    https://aws.amazon.com/premiumsupport/knowledge-center/route-53-create-alias-records/

    0
    Comment actions Permalink
  • Avatar
    Hans Tobeason

    I believe I've already figured this out!  Surprising the heck out of myself...

    At my registrar (Dreamhost), I added a CNAME record that pointed <remote.xyz.com> to <blahblah.d.firewalla.org>.

    That way I'm not messing with my regular xyz.com site.

    Amazingly, this seems to be working!  I'm setting Port Forwarding rules in the Firewalla iOS app, and my requests are being directed correctly.  It couldn't be easier.

    Thank you for your assistance!!!

    0
    Comment actions Permalink
  • Avatar
    Michael Bierman

    I use Cloudflare to point to my home network for access to a few devices. I wrote this script to check my IP and update it on Cloudflare. Note, that because I'm using dual WAN I check the ISP and only update it if it is my primary ISP. Otherwise I skip the update. 

    Of course  I run this at Firewalla startup and using crontab.

    https://gist.github.com/mbierman/d4c6aac8e741fb0cbb289ce1899df59a

    0
    Comment actions Permalink
  • Avatar
    VAV

    I find the lack of 3rd party DDNS a little depressing.  Such a simple feature that’s on every other router I’ve ever installed.  Now I can’t redirect or web hop on dyndns account cuz I need the ports carried through from client to their destination and if I decide to keep this Firewalla gold I’ll have to rewrite the code in dozens of client’s systems that I have set up to connect to my server daily to deposit a daily sitrep log.  My cisco router died just before the new year and I’ve used the gold before but never looked at the ddns setting.  

    2
    Comment actions Permalink
  • Avatar
    Firewalla

    @Dan did you look at the CNAME part from previous comments? 

    DDNS is nothing more than mapping a domain name to a floating IP like your router. And if you don't like the DDNS name given by us, you can easily use CNAME to map it to something else. 

    -1
    Comment actions Permalink
  • Avatar
    Danny Joe

    I too would like support for 3rd Party DDNS. I'm not interested in publishing across DNServers through a firewalla.org CNAME pointer, that I and my business (perhaps VPN, FTP and website) are probably behind a Firewalla router, or any other information that might make a hacker's job easier. If there is ever an identified vulnerability in Firewalla, a hacker could easily search DNS's worldwide for anything that matches "firewalla.org" in a CNAME, and easily find potential victims.

    I'd also really rather that there be NO publicly available "firewalla.org" DNS entry be pointing at my router's IP address, for the same reason. This is a rather significant security concern.

    4
    Comment actions Permalink
  • Avatar
    Ricardo Marques

    I just got a Firewalla Gold and finding out that a simple feature that it is implemented on my ~$100 Asus router and not here is a little bit disappointed.

    I'll stick to my Firewalla for now because it has a lot of pros but I hope you guys can come with a solution. I have been using Noip for my DDNS for years and it does not let me apply CNAME to my main hostname. Now what can i do!?

    I also strongly agree with @Danny Joe, this is could be a security problem. Also talked here  https://www.reddit.com/r/firewalla/comments/i4h026/disable_firewalla_ddns/. We should have the option to disable this if we don't want it.

    I hope you guys really do something about it. Thanks

    5
    Comment actions Permalink
  • Avatar
    WS Techstuff

    While I completely agree this should be more powerful than it is, as a CNAME doesn't solve all use cases for ddns, if you have a docker compatible firewalla box, you could run this docker DDNS updater to handle it:

    Note:  I have no affliation with this project or firewalla, just trying to add helpful ideas to the thread, as this is probably my number 1 missing feature on setting this new $600 firewall up and turning off opnsense..

    https://hub.docker.com/r/qmcgaw/ddns-updater/

    2
    Comment actions Permalink
  • Avatar
    Porpoise

    Is there any web form for feature requests? I would also like to have generic DDNS support.

    0
    Comment actions Permalink
  • 1
    Comment actions Permalink
  • Avatar
    Mina Abiskhiroon

    Would you please allow 3rd party Dynamic DNS such as DynDNS, noip, etc.?

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    You should easily install these via a docker container; please see https://github.com/tjhackzy/cloudflare-ddns-v2 for example. Cloudflare, I am very sure you can find others.

     

    0
    Comment actions Permalink
  • Avatar
    Mina Abiskhiroon

    It is frustrating to say the least to be honest, why does it have to be that difficult to make it available for users?

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Since we can't really control what a third-party DDNS service does, we can't really securely integrated. (Unless majority people need this service)

    0
    Comment actions Permalink

Please sign in to leave a comment.