How to use Cloudflare’s free dynamic DNS with pfSense

This guide will show you how to use Cloudflare’s free dynamic DNS to automatically update your domain’s “A” (or address) record natively within pfSense

Before we get started there are three things that are required:

  • a configured pfSense installation
  • a Cloudflare account
  • a domain name that is configured to use Cloudflare

If (or once) you have all of this, we can move on to the first step:

Get your Cloudflare API key

To allow pfSense to authenticate and communicate with Cloudflare, you need to get a hold of your Application Program Interface (or API) key. This key is a very important password. Do not give it out to anyone.

  1. Log in to your Cloudflare account
  2. Navigate to your account settings page and scroll to the API Key section
  3. Under Global API Key click on View API Key
  4. Copy the key. You may put it in a text file temporarily but you should never save this key to your computer, much less in a plain text file.
Set up the Dynamic DNS service within pfSense

Now that you have your API key we’re going to go ahead and set up the DDNS service within pfSense. This is a feature that ships with pfSense by default, so no additional packages are required.

  1. Log in to your pfSense dashboard
  2. Under Services go to Dynamic DNS
  3. Click on the Add button
  4. Under Service Type select Cloudflare
  5. For Interfaces, select the interface you’d like the service to monitor. In most cases this will be your WAN interface. If you have multiple WANs, select the one you wish to use here.
  6. Under Hostname type in your domain name. In my case, I will put in briantruscott.com.
  7. For Username you want to put in the email address you used for your Cloudflare account
  8. Under Password is where you’ll want to put in that API key you received earlier. Paste it into both fields. Do not use the password you created for your Cloudflare account.
  9. Give this client a description – I’m going to call mine CF briantruscott.com so I know which service and domain this client will cater.
  10. Finally, click on Save & Force Update. You will be sent back to the main DDNS clients page and, if configured properly and the client authenticated with Cloudflare, your desired IP address should appear in green. If you see 0.0.0.0 or any actual IP in red check your configuration, make sure you copied the API key properly (make sure you didn’t accidentally copy a space into the beginning or end of the key!), and save & update again.

There you go! pfSense will now monitor the interface you selected for any changes to its address. If any changes occur, pfSense will send an update to Cloudflare who will then update your “A” record to reflect these changes without any input!

One thought on “How to use Cloudflare’s free dynamic DNS with pfSense

  1. Pretty useful, but upon doing so, if you are using DNS and HTTP Proxy (CDN) in Cloudflare, it reverts back to just DNS on Cloudflare. Is there a way to keep that from happening?

Leave a Reply