Connecting to Remote (Dynamic IP Address) Gateway

lks

This is a really basic question, but here goes…

I would like to set up an IPsec tunnel between two firewall/routers that have DHCP-assigned WAN addresses.  In the VPN>IPsec>Tunnel configuration, I am asked to specify a remote gateway.  As far as I can tell, I have to input a hard-coded IP address.  Ideally, I'd just like to input a fully qualified name (that happens to be maintained with Dynamic DNS on the remote side).

Is this possible to do in some way, or is this planned for a future release?

Thanks.

hoba

You need a static IP-Adress at at least one location. I have a setup between 12 locations where only one location has a static IP. See http://pfsense.com/mirror.php?section=tutorials/mobile_ipsec/ for a howto. OpenVPN should work between dynamic endpionts afaik. You might consider using this then instead of IPSEC (see http://pfsense.com/mirror.php?section=tutorials/openvpn/pfsense-ovpn.pdf ).

lks

Thanks–that's what I figured.  I was mostly just curious if this is a planned addition at any point in the future.

I am using OpenVPN for road warrior stuff and it works great with an XP client or with another pfSense box.  I wanted the IPsec tunnel to interoperate with a location that runs a D-Link VPN Router.

I guess I'll try to get a static IP for one of the sides in the meantime...

hoba

It's not easy to implement this in a good way and if it gets implemented it will most likely only work between 2 pfSense systems. We have discussed this at some point but there is no high priority on this item. I wouldn't expect this to happen too soon.

devoyon

lks, I have to setup exactly the same configuration beetwen my pfsense (static) and my dlink (dynamic).
How did you made such connection ?

Best regards
Guillaume

lks

I am using OpenVPN for now because I have two DHCP endpoints.