steelose.blogg.se

Opnsense letsencrypt





So, to confirm, you’re using Namecheap’s DNS but your Namespace is hosted in Cloudflare? How do I use the DDNS service in Opnsense such that my WAN IP is always tied to a particular domain name that I can use for all my VPN clients – so that I don’t have to manually change the IP address in each client’s VPN config? Is there a way to create a wildcard cert for my domain name so that I can use the same cert for all my LAN services? This will be a problem whenever my current LE certs expire, wouldn’t it? Is there a way to auto-update these records whenever my WAN IP changes? However, all the A records that I created for the 19 services still point to the old WAN IP address (XX:XX:XX:252). Then my WAN IP changed when I rebooted the modem and the Opnsense firewall. How did it cache my WAN IP for my domain name instead of the actual public IP of the domain name? In Cloudflare, my base domain points to a completely different IP (I am not hosting anything on that domain though). I enabled DDNS service in Opnsense, and used the Namecheap option – put in my domain name (that I had purchased), my user/password and it immediately listed my WAN IP (XX:XX:XX:252) as the Cached IP. If my WAN IP changes, I would still want my certs and my VPN to continue functioning. I also have a dynamically assigned IP address. I also have a road-warrior VPN server that I connect to from the road. I can use the sub-domains I defined in the A records instead of remembering the IPs and ports. I used DNS challenge and everything works as expected. I set up 19 different A records – all pointing to my public WAN address (say XX:XX:XX:252) and using Cloudflare as the Proxy. So, I created a Cloudflare account and then used those nameservers as my “Custom DNS” in the Namecheap account instead of using the Namecheap BasicDNS. Unfortunately, Caddy2 only had the Cloudflare plugin available for DNS challenges during 2.0 Beta.


I bought a domain name for myself from Namecheap. I needed the easy button because this was all very new to me. But then I thought, why not get proper SSL Certs from Let's Encrypt along with the reverse proxy so that it avoids the browsers from screaming about it and my wife calling me over whenever she is accessing bitwarden or emby etc. Enter Caddy2 which had easy integration with Let's Encrypt DNS challenges. Next thing I know I had 19 different URLs (nextcloud, bitwarden, emby, IPMI etc etc.) that I had to remember the IPs and the ports. It all started with me getting into self-hosting. So here’s the back-story which is relevant just so that you know how my current setup is… I know the basics but I am trying to get a deeper understanding of how they work and how I can improve upon my setup.






