Virtual private networks / Re: VTI FQDN [new] Config
« on: July 01, 2023, 12:32:22 pm »
I am facing exactly the same problem.
I migrated the IPsec VPN (IKEv2) between my hosted VPS (OPNsense 23.1.11, static IPv4) and my DSL at home (WatchGuard XTM25, dynamic IPv4 and dyndns) from the old config style to the new "Connections" interface and took the opportunity to switch from policy-based to routing-based.
The connection is established and everything works as expected as long as the current WAN IPs of both peers are entered in the "Local address" and "Remote address" fields of the VTI window (the one from your screenshot). If the WAN IP of my DSL changes, I need to update the value in the "Remote address" field manually; otherwise, while the VPN connection itself is established fine, no data transfer between the sites is possible.
Does anyone know a solution or workaround to be able to use a FQDN instead of an IP address?