IT Employment

General discussion


VPN with Dynamic IP Addresses

By maxwell edison ·
I'm in the process of setting up a VPN. I'm running it through a Linksys BEFVP41 router on the office side, and the remote users will have SSH Sentinel IPSec client on their remote computers. (At least that's what I'm planning, but I'm certainly open to changing the strategy.) The remote users, by the way, have a variety of ISPs, a variety of Internet connection methods (satellite, modem, broadband, etc.), and a variety of operating systems. It's my intention to simply map a networked drive on the remote client (through a VPN tunnel via the Internet) to a server in the office.

The issue I'm having is this: at both the office side and the remote side, the assigned IP addresses are dynamic, not static. On the office side, the WAN IP address is automatically renewed by the ISP every 5-7 days, although it oftentimes (but not always) renews itself to have the same number. And on the remote client side, the IP address is subject to change - and probably will change - perhaps several times a day, depending on how often the remote Internet connection is open/closed. It's not that difficult (for me) to determine and change the settings accordingly, but for the "common remote user", it's jumping through more hoops than we care to require. The way it is now, the remote user would have to:

1. Determine the office WAN IP address.
2. Determine their own IP address
3. Change SSH Sentinel configuration settings accordingly.
4. Add a new route to the routing table.
5. Change the mapped drives accordingly.


This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -


by Rabbit_Runner In reply to VPN - dynamic IP address ...

Hey Max,
Just for your information, I have successfully used DNS2GO with my home URL and servers. Initially the service was free (requesting donations) but lately they are charging a $10 / year fee.
As far as the service, it works beautifully and seamlessly. Anytime I connect, the URL is used with no problem. When the dynamic IP address changes, the DNS2GO sends a 'heartbeat' to their servers and the DNS IP address is changed. It is done within 30-60 seconds. If there is a disconnect, one would need to only re-connect.
About the client, I currently use Microsoft 2000 VPN. If your clients VPN software will use the URL, it should connect with no difficulty. Regardless of where I may travel the remote IP address (static or dynamic)is not used to connect to my home server.
Best of luck.

Michael R.

Collapse -

My brother!

by areets In reply to DNS2GO

Well, what would you know? I have a brother called Michael Reets. He still lives in Guyana.

Thanks bro!

Andrew Reets

Collapse -


by Rabbit_Runner In reply to My brother!

You, Andrew, are a jerk. You may have learned things in IT, but your 'people' skills are badly lacking. Your social skills are at an all time low. My best advice to you, is to remain quiet until you do learn some better social graces.
BTW. My last name is not the same as yours.

Michael R.

Collapse -

Bugs - It's too bad. . . .

by maxwell edison In reply to Jerk

...that this forum has been infiltrated with these "kids" or those with that "kid" mentality.

I must admit, that I'm losing my patients with several of these people who sabotage the good-will and professionalism that always has been prevalent around here. That's what led to my previous comment about wanting to close this thread - even though it could have been a good one.

I have no desire whatsoever to converse with the likes of "Andrew Reets" and/or others who spew such nonsense as he has; I don't want his opinion; I don't want to consider anything he has to say.

There has been too much crap polluting this forum lately, and the only thing it will accomplish is to drive away the ones who don't want anything to do with it.

Collapse -

By the way, Bugs

by maxwell edison In reply to DNS2GO

Thanks for the comments on DNS2GO. It may or may not work for me and my circumstances, but your comments gave me more reason to look into it.

Collapse -

Mapped Drives....

by LordInfidel In reply to VPN - dynamic IP address ...

As long as you are using pvt IP's. You should not have an issue mapping the drives via pvt IP. Since the pvt IP on the server side (i'll call it the right side) does not change.

The sticking point for you is the Right Side IP changing. Although it has not as of yet.

(fyi- earthlink, for $15 more per month, you can have a static IP. I know the Bells bleed business for static IP's. I typically use a 3rd tier carrier for business dsl, it's cheaper and just as reliable)

I would stay away from any MS product for VPN usage. While it may seem easy, the encryption level is not as strong as a Linux solution.

Which if you read my post at the bottom is my solution to you. And one that I have used often, not only for clients, but formy corporate position.

FreeS/Wan is one of the more robust and free vpn solutions out there. While they are pushing full oppurtunistic encryption, (which reqauires you to have a static ip and access to your reverse dns zones), there are other ways to have clients initiate the connection. And alot of commercial products are built upon FreeS/wan.

It is extemely secure and reliable, and integrates quite nicely into an existing linux based firewall. Again see my post.

Collapse -

Learning curve!

by areets In reply to VPN with Dynamic IP Addre ...

Max, which ever way, you'll pass through a learning curve. I'll design this and look closer, just give me a few hours.

I have some material to review, maybe you would like to send me an e-mail.


Collapse -

If I could close this discussion. . .

by maxwell edison In reply to VPN with Dynamic IP Addre ...

...I would.

Oz, on the router end, I'll look into that option in the router settings and see what I find.

The dynamic IP on the remote client end, as it turns out, may not be much of an issue - or no issue at all. A little more testing will tell.

AReets - spare me your BS. Please refrain from posting to this discussion. I don't want it to turn into one of your self-absorbed, nonsensical ramblings. You're like a little kid crying out for attention - but go find it elsewhere. (Get a clue, kid. Why do you think there are hardly any replies to your stupid discussion threads?)

Actually, I wish this discussion was like a question, and I could just close the thing.

What was that saying about **** and a handbag?

Collapse -

Good bye!

by areets In reply to If I could close this dis ...

Well, you want to get back at me. Well, it is your choice. I offered a helping hand but you refused. That is all I can do for you.

My postings are above your capacity to understand what life is about. It is quality and you can only but read them.

Keep your sorry comments to yourself. Appreciate quality and you MIGHT learn something. When you can appreciate that ONE can possess such immense knowledge, then you may realize how uneducated and ill mannered you are with the ability to demonstrate to the MASS.

Do not attack or mock me, YOU DO NOT KNOW WHO I AM.

Andrew Reets

Collapse -

You don't have to close the discussion.

by OzMEdias In reply to If I could close this dis ...

Just post saying you have your answer and ignore any further comments.

I don't know who upset you this time but it is only a discussion thread, don't read it and don't post back to it if you've had enough.
I thought you were sincerely looking for opinions and support.

Have a nice day,

Related Discussions

Related Forums