Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Dynamic public IP and OpenVPN

    Scheduled Pinned Locked Moved OpenVPN
    6 Posts 3 Posters 2.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      axiomcs
      last edited by

      If a site uses a dynamic public ip and the openvpn clients are already created and being used, what happens if the public ip changes? Will the clients still be able to connect?

      provelsP 1 Reply Last reply Reply Quote 0
      • provelsP
        provels @axiomcs
        last edited by provels

        @axiomcs No, they won't connect by IP. You can avoid that problem by creating a dynamic DNS account at any of the several providers available
        (ex. https://www.noip.com) then configure pfSense (Services/Dynamic DNS) to upload the new IP address when it changes. You can use a free account if you wish, but you need to manually access it each month to maintain its service or get a paid account that is set/forget. Then you can code the dynamic DNS host name in the OpenVPN client config file, replacing the IP.

        Peder

        MAIN - pfSense+ 24.11-RELEASE - Adlink MXE-5401, i7, 16 GB RAM, 64 GB SSD. 500 GB HDD for SyslogNG
        BACKUP - pfSense+ 23.01-RELEASE - Hyper-V Virtual Machine, Gen 1, 2 v-CPUs, 3 GB RAM, 8GB VHDX (Dynamic)

        1 Reply Last reply Reply Quote 0
        • A
          axiomcs
          last edited by

          If a Services/Dynamic DNS is setup, how should the Interface/WAN be setup? Just leave the WAN interface page blank?

          V 1 Reply Last reply Reply Quote 0
          • V
            viragomann @axiomcs
            last edited by

            @axiomcs
            Leave it blank is never a good idea.

            So you have a dynamic WAN IP. Now, is your WAN connected to pfSense or do you have a router in front of it?
            If it is on pfSense you have to configure the interface for DHCP or a sort of PPP, depending on what your ISP provides to you.
            If you have a router it's the first choice to do dyn DNS updates on the router itself if possible.

            1 Reply Last reply Reply Quote 0
            • A
              axiomcs
              last edited by

              WAN is directly connected to pfSense. The only setting needed on the WAN page is to set the IPv4 Config Type to DHCP?

              And then if I setup Dynamic DNS and the public IP changes, pfSense will always look to the Dynamic DNS hostname along with the dyndns provider login info?

              1 Reply Last reply Reply Quote 0
              • V
                viragomann
                last edited by

                As already mentioned, how to configure WAN interface, depends on your ISP. However, as you stated above, your WAN is already working. So there is nothing to change for DynDNS.

                Get an account from a dynamic DNS provider. Then you can choce a hostname in given domains like yourhost.dyndns.com.
                Configure the Dynamic DNS service in pfSense (Services > Dynamic DNS > Dynamic DNS Clients). If it is set up properly it will update the dynamic DNS at provider every time your WAN IP changes.
                So you can configure you openVPN clients to connect to yourhost.dyndns.com. The hostname is ever the same, the IP behind may change.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.