General discussion

Locked

VPN with Dynamic IP Addresses

By maxwell edison ·
I'm in the process of setting up a VPN. I'm running it through a Linksys BEFVP41 router on the office side, and the remote users will have SSH Sentinel IPSec client on their remote computers. (At least that's what I'm planning, but I'm certainly open to changing the strategy.) The remote users, by the way, have a variety of ISPs, a variety of Internet connection methods (satellite, modem, broadband, etc.), and a variety of operating systems. It's my intention to simply map a networked drive on the remote client (through a VPN tunnel via the Internet) to a server in the office.

The issue I'm having is this: at both the office side and the remote side, the assigned IP addresses are dynamic, not static. On the office side, the WAN IP address is automatically renewed by the ISP every 5-7 days, although it oftentimes (but not always) renews itself to have the same number. And on the remote client side, the IP address is subject to change - and probably will change - perhaps several times a day, depending on how often the remote Internet connection is open/closed. It's not that difficult (for me) to determine and change the settings accordingly, but for the "common remote user", it's jumping through more hoops than we care to require. The way it is now, the remote user would have to:

1. Determine the office WAN IP address.
2. Determine their own IP address
3. Change SSH Sentinel configuration settings accordingly.
4. Add a new route to the routing table.
5. Change the mapped drives accordingly.

(continued...)

This conversation is currently closed to new comments.

30 total posts (Page 3 of 3)   Prev   01 | 02 | 03
Thread display: Collapse - | Expand +

All Comments

Collapse -

Your reaction is worthy of gold!

by areets In reply to You don't have to close t ...

Andrew Reets
Runner
TSP

Collapse -

so send me some

by OzMEdias In reply to Your reaction is worthy o ...

I'm still waiting.....

Collapse -

Been here before??

by GuruOfDos In reply to If I could close this dis ...

Didn't we have another weener playing this game before? Methinks it would be a VERY long time before certain persons on here even become worthy so much as to lick the boots of such as Maxwell, admin@l33tcentral, The Chas and other noble and erudite souls on here. Note that I don't count myself amongst their number - there is always something new to be learned every day.

I'm wondering if Mr R's knowledge of computing is as good as his command of the written English language? If so then, Maxwell, old chap, I'd say you've probably forgotten more than he'll ever know!

Collapse -

Max!

by areets In reply to VPN with Dynamic IP Addre ...

I really just wanted to help! It is all that I can do, now.

Whatever the solution is, you must pass through a learning curve, so as to face the reality of the configuration.

I just wanted to help; and share my knowledge.

Thank you!

Andrew Reets

Collapse -

123456

by harpreet. Sunny In reply to VPN with Dynamic IP Addre ...

123456789+
good discussion topic
carry on

Collapse -

asss

by harpreet. In reply to VPN with Dynamic IP Addre ...
Collapse -

asss

by harpreet. In reply to VPN with Dynamic IP Addre ...
Collapse -

by harpreet. In reply to VPN with Dynamic IP Addre ...

11111111111111111

Collapse -

Hey Max... Some issues to think about

by LordInfidel In reply to VPN with Dynamic IP Addre ...

I really didn't feel like reading thru all of the posts, so forgive me if I touch on stuff that is already said. (i'm in the middle of some large rearchitectures)

I know and understand that you have a dynamic IP on the server side. You could gowith the dynamic dns route, i'm pretty sure that ssh sentinel can connect to host name instead of by IP.

But the most effective method would to have a static IP on the server side. It makes things a **** of alot simpler. Especially with firewall rules. And the fact that most VPN's need to have a static IP defined in the rulebase.

The road warrior can have a dynamic IP.

If you have SSH Sentinel already, I strongly urge you to move to the linux option. Which is making a linux box, using it as your firewall and router. Install FreeS/Wan on it. (the SSH site has a white paper on how to do it)

If it is DSL service, RH8&9 have built in support for PPPoE connections. And they will auto reconnect.

Plus if you visit www.fwbuilder.org , They have a nifty gui based firewall policy builder. Obviously you need a linux box with X installed to run it.

Get this book: Bulding Linux VPNS by O'reilly.

If you need any further info, contact me off-line.

Collapse -

LordInfidel - Thanks for the suggestions

by maxwell edison In reply to Hey Max... Some issues to ...

I'll consider all the things you (and everyone else) mentioned.

Back to IT Employment Forum
30 total posts (Page 3 of 3)   Prev   01 | 02 | 03

Related Discussions

Related Forums