IPSec on a site-to-site VPN with one side dynamic IP?
rhakar last edited by
I need to implement a VPN between two endpoints with one pFsense and one Watchguard. The pfSense has a static Ip but the other side with watchguard no, only dynamic and without DDNS.
It is possible to make an IPSec with a dynamic Ip endpoint? With Watchguard is possible by domain information without using DDNS. As i saw pfSense does not accept domain information as method to recognize endpoint gw ID.
Thanks in advance.
lst_hoe last edited by
It is possibly as long as only one side need to be able to "open" the tunnel, much like in Mobile Client setup. With IKEv1 you need "aggressive" Mode at least with PSK, with IKEv2 you simply have to use a ID other the the IP address.