Overview

DDNS is a service providing the automatic update of the IP address in the DNS record for the particular hostname. Kerio Control allows configuring Dynamic DNS for 3 different providers, such as DynDNS, no-ip.com, or ChangeIP.com. You can register and select a free hostname for the domain, for example, company.no-ip.com.

Note: To establish a successful working connection, you need to have Public IP address assigned to Kerio Control.

Diagnosis

If Kerio Control enables cooperation with dynamic DNS, a request to update the IP address in dynamic DNS is sent upon any change of the Internet interface's IP address (including switching between primary and secondary Internet connection). This keeps the DNS record for the particular IP address up-to-date and mapped services may be accessed by the corresponding hostname.

1. Dynamic DNS records use very short time-to-live (TTL) and, therefore, they are kept in the cache of other DNS servers or forwarders for a very short time. The probability that the client receives a DNS response with an invalid (old) IP address is, therefore, very low.
2. Some DDNS servers also allow concurrent updates of more records. Wildcards are used for this purpose. For example, in DDNS there exist two hostnames, both linked to the public IP address of the firewall: fw.company.com and server.company.com. If the IP address is changed, it is, therefore, possible to send a single request for an update of DNS records with the name *.company.com. This request starts the update of DNS records of both names.

Solution

1. Create an account at the following DDNS provider: ChangeIP, DynDNS, or No-IP.
2. In the Kerio Control administration interface, go to Remote Services > Dynamic DNS.
3. Select option Automatically update dynamic DNS service records with the firewall's IP address.
4. Select a DDNS provider.
   
   
5. In the Update hostname field, type a DNS name. If DDNS supports wildcards, they can be used in the hostname.
6. Set a username and password for access to updates of the dynamic record.
   
7. If Kerio Control uses the multiple internet links mode (load balancing or failover) you can choose how to identify IP addresses for your DDNS provider:
   • IP address configured on outgoing Internet interface — Kerio Control always sends the IP address from the Internet interface to the DDNS provider.
   • Detected public IP address — before sending the IP address to the DDNS provider, Kerio Control detects which IP address is used for access to the Internet.
   • IP address configured on the interface — Kerio Control sends the IP address from the chosen interface to the DDNS provider. The real public IP address needs to be assigned to the selected interface.
     

     Note: If you don't know which option is the best, switch to the Detected public IP address. Kerio Control uses a helper URL to determine the IP address. Unless a specific traffic rule is in place, it will use any of the interfaces available to determine this.

8. Click Apply.

Confirmation

Kerio Control should update the DDNS records automatically and all the mapped services should be accessible.

The IP address update is also shown in the DDNS provider administration interface.