This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Dynamic DNS with NameCheap appears to be failing: WARNING: file /var/cache/ddclient/ddclient.cache, line 5: Invalid Value for keyword 'ip' = ''

This has been reported by other but I see no indication that Sophos has addressed it

At issue may be the hostname field.

The UTM suggests the following on this field:

"Hostname (not with type Open DNS IP update): Enter the domain name you received from your DynDNS service provider (e.g., example.dyndns.org). Note that you need not adhere to a particular syntax for the hostname to be entered here. What you must enter here exclusively depends on what your DynDNS service provider requires. Apart from that, you can also use your DynDNS hostname as the gateway's main hostname, which, however, is not mandatory.

 

DynDNS is not being used, NameCheap is and had been selected.  They do not provide some predefined hostname for each customer as DynDns does (for some reason).  Therefore it's not at all clear what is meant by this.  From other posts I've attempted to use @ instead.  The logs initially showed improvement but eventually fell back to failing:

2017:03:27-12:51:26 ravenna ddclient[25991]: WARNING: skipping update of zimbra from <nothing> to aaa.bbb.ccc.ddd.
2017:03:27-12:51:26 ravenna ddclient[25991]: WARNING: last updated <never> but last attempt on Mon Mar 27 12:50:41 2017 failed.
2017:03:27-12:51:26 ravenna ddclient[25991]: WARNING: Wait at least 5 minutes between update attempts.
2017:03:27-12:56:27 ravenna ddclient[25991]: WARNING: file /var/cache/ddclient/ddclient.cache, line 3: Invalid Value for keyword 'ip' = ''
 
The first line above did accurately show my ip address, then five minutes later showed a failure with the ip address.
 
What's clear is this has not been setup for NameCheap as the fields are relevant for DynDNS.
What's not clear is if this can be hacked in some way to get it to work.
 
People have been complaining about this specific topic for well over a year.
Has anyone gotten it to work.
 
Yes, I've tried setting IP Strategy to "interface" to no discernible effect.
 
Thanks in advance for your help.
 
~D
 
 

I've also noticed that after one saves edits there is a field called Wildcard with a red X button and a greyed-button.  One might assume it's green with a check mark if activated.  This button is not a web interactive button and using @ for the hostname does not seem to affect anything.  How might one activate "WildCard" in the NameCheap scenario?

 

 

More information:

I contacted NameCheap support and was escalated to a DNS guy. [?]

He led me through a process on their site:  Dashboard -> Manage (domain) -> Advanced DNS -> Dynamic DNS

This was "interesting".  Here under Dynamic DNS it has the user create an entry for Dynamic DNS which has the following fields:

  1. Host
  2. IP Address
  3. TTL (a drop-down selection menu)

I pointed out to the support tech that asking for an ip address for dynamic DNS was an interesting approach.  I looked up my internet-apparent address and entered that as well as using a locally (UTM) resolved hostname.

Just to investigate their take on dns engineering, I downloaded their windows client and found immediately that it does not support HTTP proxies.  It just throws a proxy authentication error showing it recognizes the existence of a proxy but can't handle the authentication part.  Not a good sign.  I opened a gaping hole in my infrastructure to support this client and the update on the client appears stuck for over 20 min now.  I'm not at all comfortable with this so I'm shutting down the client.  The techs were all called Igor and Ivan so my level of trust is dwindling. Looking back at The Sophos UTM settings for NameCheap, I changed the name on the Sophos settings to match what I have on the DynDNS settings at NameCheap.  Still failing.

 

 

 


This thread was automatically locked due to age.
Parents
  • I changed the password on the UTM from the field on NameCheap under Advanced DNS \  Dynamic DNS \ Password to my NameCheap account password and things got better.

    Still failing but closer:

    SECURITY NOTE: The UTM sends my account password for my DNS service in open text to an IIS machine at NameCheap.  This is an enormous violation of any reasonable security practice.

     

    017:03:27-15:40:45 ravenna ddclient[22632]: WARNING: SENT: dynamicdns.park-your-domain.com/update
    2017:03:27-15:40:45 ravenna ddclient[22632]: WARNING: REPLIED: HTTP/1.1 200 OK
    2017:03:27-15:40:45 ravenna ddclient[22632]: WARNING: Cache-Control: private
    2017:03:27-15:40:45 ravenna ddclient[22632]: WARNING: Content-Length: 423
    2017:03:27-15:40:45 ravenna ddclient[22632]: WARNING: Content-Type: text/html
    2017:03:27-15:40:45 ravenna ddclient[22632]: WARNING: Server: Microsoft-IIS/8.5
    2017:03:27-15:40:45 ravenna ddclient[22632]: WARNING: Set-Cookie: ASPSESSIONIDQEBAAAQS=IBMLKFFAKGJCFHLICBJOCJPH; secure; path=/
    2017:03:27-15:40:45 ravenna ddclient[22632]: WARNING: X-Powered-By: ASP.NET
    2017:03:27-15:40:45 ravenna ddclient[22632]: WARNING: Date: Mon, 27 Mar 2017 22:40:44 GMT
    2017:03:27-15:40:45 ravenna ddclient[22632]: WARNING: Connection: close
    2017:03:27-15:40:45 ravenna ddclient[22632]: WARNING:
    2017:03:27-15:40:45 ravenna ddclient[22632]: WARNING: <?xml version="1.0"?><interface-response><Command>SETDNSHOST</Command><Language>eng</Language><ErrCount>1</ErrCount><errors><Err1>Domain name not found</Err1></errors><ResponseCount>1</ResponseCount><responses><response><ResponseNumber>316153</ResponseNumber><ResponseString>Validation error; not found; domain name(s)</ResponseString></response></responses><Done>true</Done><debug><![CDATA[]]></debug></interface-response>
    2017:03:27-15:40:45 ravenna ddclient[22632]: FAILED: updating wahine: Invalid reply.
  • It does sound like a NameCheap problem, doesn't it, Doug?  I don't have much to offer except the trick in The Zeroeth Rule in Rulz.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • It does sound like a NameCheap problem, doesn't it, Doug?  I don't have much to offer except the trick in The Zeroeth Rule in Rulz.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data