Automatic VPN for remote management with dynamic IP
I have a pfSense running on KVM together with some other machines.
The PFSense is also connected to a Netgear LB2110 which acts as a internet gateway via either a local network connection or via 4G.
The box (KVM Box) gets shipped to customers so the internet connection (only needed for remote management / support) is either via a customer provided network (IP via DHCP) or via a 4G connection
All that is working fine so far.
Now I'm looking into how to get to the box for remote management.
Dialing INTO the box isn't possible as there will always be NAT (or even double NAT) for the setup into the internet.
I first thought about creating a VPN Gatway in Azure and have PFSense always try to open the connection, which in turn I could also dial in and access the box via this Azure VPN.
This doesn't work, as AZURE requires a public / static IP on the local gateway (no one-way connections).
I could of course use LogmeIn or Teamviewer, but that requires a running client in the setup which is running on KVM and I only have the pfSense and two linux machines running in there.
Anyone any ideas?