
In this article we will introduce you to a way of using user-defined DynDNS providers on Sophos firewalls.
Introduction
Sophos has unfortunately not yet (SFOS <= 20.0.0) created the possibility to offer user-defined DynDNS providers on Sophos firewalls. Actually very strange when you consider that most providers work with a common standard and actually only a dialog would have to be added in the web interface. But now then... You don't have to understand everything. 🤷♂️
In this HowTo we present a solution on how to get additional providers into the web interface and how to use them successfully.
Prerequisites
You will need the following information for successful implementation:
- SFOS 19.5.x to 20.0.x (earlier and later versions may need to be tested)
- Shell access to the firewall
- Data for the DynDNS provider
- DynDNS address
- FQDN of the update server
- User name
- Password
- The DynDNS provider must support one of these protocols.
Others will not work!- dyndns2 (yes, with "2")
- zoneedit1 (yes, with "1")
- namecheap
- freedns
- noip
Add provider
Execute the following command in the advanced shell. The VALUES (in the rear brackets!) are to be set as follows:
- serviceproviderid
It is best to choose an ID somewhere above 50. The existing providers have the IDs 1-11. The gap prevents Sophos from overwriting your entry (even if this is unlikely to happen). - displayname
The name of the entry in the web interface. For security reasons, please do not use umlauts or special characters. Experienced users will know that special characters are sometimes a thing with Sophos 😉 - protocol
Choose between the protocols: dyndns2, zoneedit1, namecheap, freedns, noip
You must find out the correct protocol for your provider yourself. dyndns2 should work in most cases. - serverstring
The update server of your provider without any paths - only the FQDN! Here are examples:
Strato: dyndns.strato.com
All-Inkl: dyndns.kasserver.com
psql -U nobody -d corporate -c "INSERT INTO tblddnsserviceprovider (serviceproviderid, displayname, protocol, serverstring) VALUES ('50', 'Strato', 'dyndns2', 'dyndns.strato.com');"

After you have adapted the command to your requirements and sent it, the new provider can be configured in the web interface.


Did it work for you? Share your experiences with us in the comments!
Have fun testing!
Debugging
You have added everything, but it won't work? Look in the log file "/log/ddc.log". If necessary, turn on debugging to see more in the log file. Afterwards, please deactivate with the same command!
service ddc:debug -ds nosync
Questions
Boot and update-proof?
In my tests, the configuration was boot-proof. The configuration has also successfully survived an update from 19.5.x to 20.0.0.
Backup Consistent?
In fact, the whole thing is not backup consistent. I have noticed the following:
Configuration backup / XML:
The settings are exported, but there is no reference to the self-created provider. The configuration is therefore not backed up.
Complete backup:
At least the new provider is included in the complete backup and is backed up. However, the settings in the web interface are also missing here and must be entered manually.
How to undo?
If you want to undo the customization, you must first delete the configuration in the web interface. The entry can then be deleted from the database. Not the other way around!
First, find the ID of the entry to be deleted in the database.
psql -U nobody -d corporate -c "select * from tblddnsserviceprovider;" -x

You then use this ID to assemble the SQL command for deletion and send it.
psql -U nobody -d corporate -c "DELETE FROM tblddnsserviceprovider where serviceproviderid='50';"
You can use the first command to read out the ID to test whether the deletion was successful. If yes -> done.
Factory reset
A factory reset undoes everything. No traces remain here.
Danke, klappt super. Jetzt funktioniert das endlich ohne das ich den PC anhaben muss. 🙂
Hallo Jörg, Prima! Danke für das Feedback. Gruß, Sebastian