Pfsense to dyndns sonicwall?
-
I've seen similar topics, but thought this is a bit different. I can vpn between two sonicwalls, both with dyndns. Can I vpn into a dyndsn-sonicwall with a pfsense?
-
Don't think so, the pfSense needs a static IP as remote endpoint.
-
Not sure about SonicWall but you can diffently connect site to site VPN to an Dynamic IP.
I have done it using pfSense with a dynamic IP on the remote end and a PIX FW with a static ip at the corporate HQ end.
The key is that the remote end has to intiate the connection. Also for pfsense I believe can use dyndns as an identifier.
-
That is a static IP at the remote end from the pfSense point of view ;)
-
That is true
-
Don't think so, the pfSense needs a static IP as remote endpoint.
Ahh, I get it now. Thanks. That clarifies things for me.
Phase 2: Negotiate for better internet service, with static ip's.
-
what kind of VPN do you want to use?
i have set up OpenVPN with both sides dynamic.
i have on both sides a dyndns adresse and OpenVPN is able to adjust itself if the remotepoint changes it's IP.
you only have to add "-float" into the config
also you can define addresses in "-remote" and not only IPs (ie. officehq.dyndns.org)from the MAN pages:
Allow remote peer to change its IP address and/or port number, such as due to DHCP (this is the default if –remote is not used). --float when specified with --remote allows an OpenVPN session to initially connect to a peer at a known address, however if packets arrive from a new address and pass all authentication tests, the new address will take control of the session. This is useful when you are connecting to a peer which holds a dynamic address such as a dial-in user or DHCP client.
Essentially, --float tells OpenVPN to accept authenticated packets from any address, not only the address which was specified in the --remote option.
-
OpenVPN should work between dynamic endpoints but as the other end is a sonicwall I guess this is not an option.
-
OpenVPN would be nice. Stupid sonicwalls.
Are there any open source firewalls that will do dynamic ipsec endpoints?
