Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
18.1 Legacy Series
»
IPSec with Dynamic IP
« previous
next »
Print
Pages: [
1
]
Author
Topic: IPSec with Dynamic IP (Read 5572 times)
DaveA67
Newbie
Posts: 35
Karma: 2
IPSec with Dynamic IP
«
on:
June 28, 2018, 11:41:57 am »
Hi
Is it possible to set up a site to site VPN to and Opnense FW where the remote site does not have a fixed IP?
Scenario - our sales team would like to have a demo kit of comms equipment that will require a VPN to a cloud based opnsense FW. Obviously as they move from customer to customer the public IP trying to make the connection will be different.
I have tried using a dynamic DNS service but cannot get the tunnel to establish.
This will be from a Draytek router (although I can try a different one) set up with a WAN connection that will get an internal IP address on the customer's LAN via DHCP and then onto the internet via the customer gateway.
Hope I've explained that OK!
Cheers
Dave
Logged
kug1977
Newbie
Posts: 32
Karma: 4
Re: IPSec with Dynamic IP
«
Reply #1 on:
June 28, 2018, 10:27:58 pm »
I have setup such a scenario here. The WAN address is bound to a DynDNS name and updating on any change of WAN IP. The tunnel is using the name for Phase 1 and a shared secret. But it should work with a certificate too.
Logged
DaveA67
Newbie
Posts: 35
Karma: 2
Re: IPSec with Dynamic IP
«
Reply #2 on:
June 29, 2018, 09:56:28 am »
Hi
Thanks for that
I did try with no-ip.com but without a success so I will re-visit my settings!
Cheers
Logged
DaveA67
Newbie
Posts: 35
Karma: 2
Re: IPSec with Dynamic IP
«
Reply #3 on:
June 29, 2018, 05:31:14 pm »
Hmm
No joy, I think because the non-opnsense end is double NATed. I have
LAN (DHCP from)>>---Draytek>>-
--DHCP From Customers LAN>>----Customer router>>
internet-----------Opnsense firewall
It's the bit in bold that's the problem I think
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
18.1 Legacy Series
»
IPSec with Dynamic IP