Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense to dyndns sonicwall?

    Scheduled Pinned Locked Moved
    IPsec
    4
    9
    5.0k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      annabanana
      last edited by

      I've seen similar topics, but thought this is a bit different. I can vpn between two sonicwalls, both with dyndns. Can I vpn into a dyndsn-sonicwall with a pfsense?

      1 Reply Last reply Reply Quote 0
      • H
        hoba
        last edited by

        Don't think so, the pfSense needs a static IP as remote endpoint.

        1 Reply Last reply Reply Quote 0
        • M
          maynarja
          last edited by

          Not sure about SonicWall but you can diffently connect site to site VPN to an Dynamic IP.

          I have done it using pfSense with a dynamic IP on the remote end and a PIX FW with a static ip at the corporate HQ end.

          The key is that the remote end has to intiate the connection. Also for pfsense I believe can use dyndns as an identifier.

          1 Reply Last reply Reply Quote 0
          • H
            hoba
            last edited by

            That is a static IP at the remote end from the pfSense point of view  ;)

            1 Reply Last reply Reply Quote 0
            • M
              maynarja
              last edited by

              That is true

              1 Reply Last reply Reply Quote 0
              • A
                annabanana
                last edited by

                @hoba:

                Don't think so, the pfSense needs a static IP as remote endpoint.

                Ahh, I get it now. Thanks. That clarifies things for me.

                Phase 2: Negotiate for better internet service, with static ip's.

                1 Reply Last reply Reply Quote 0
                • GruensFroeschliG
                  GruensFroeschli
                  last edited by

                  what kind of VPN do you want to use?
                  i have set up OpenVPN with both sides dynamic.
                  i have on both sides a dyndns adresse and OpenVPN is able to adjust itself if the remotepoint changes it's IP.
                  you only have to add "-float" into the config
                  also you can define addresses in "-remote" and not only IPs (ie. officehq.dyndns.org)

                  from the MAN pages:

                  Allow remote peer to change its IP address and/or port number, such as due to DHCP (this is the default if –remote is not used). --float when specified with --remote allows an OpenVPN session to initially connect to a peer at a known address, however if packets arrive from a new address and pass all authentication tests, the new address will take control of the session. This is useful when you are connecting to a peer which holds a dynamic address such as a dial-in user or DHCP client.

                  Essentially, --float tells OpenVPN to accept authenticated packets from any address, not only the address which was specified in the --remote option.

                  We do what we must, because we can.

                  Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

                  1 Reply Last reply Reply Quote 0
                  • H
                    hoba
                    last edited by

                    OpenVPN should work between dynamic endpoints but as the other end is a sonicwall I guess this is not an option.

                    1 Reply Last reply Reply Quote 0
                    • A
                      annabanana
                      last edited by

                      OpenVPN would be nice. Stupid sonicwalls.

                      Are there any open source firewalls that will do dynamic ipsec endpoints?

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post