VPN site to site over DSL with dynamic IP address

Tags:
Networking
Hi all, I read that remote access over broadband connections like DSL with a dynamic IP was not possible except in the case of using DNS Dynamic IP updating. My question is are there any other ways of establishing a vpn site to site connection other than this with a dynamic IP? and Is this setup i.e. using the DNS dynamic IP updating reliable? Thanks

Answer Wiki

Thanks. We'll let you know when a new response is added.

Well, to cut to the chase, you want static IP’s on both ends.

You can do it with dynamic on both ends, but you’re setting yourself up for a lot of headaches. You will have to notify all users at both locations to change their vpn client settings every time either ip changes.

Additionally, a dns service can work is some instances, but you don’t need a dns service that merely picks up when your dynamic ip changes, butg one that will host as static. Now your costs are rising.

In all actuality, check with your ISP, because many of them are giving away up to 5 static IP’s at no additional charge on coroproate accounts.

You would be well advised to enter into the vpn arena, especially on a site to site setup, with static ip’s on both ends. You will be facing enough obstacles already in interlacing the 2 networks without adding more to the mix.

Good luck

Discuss This Question: 7  Replies

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Gasup1
    I agree, the simplest way is to use static IP addresses on both ends, however I have extensively used a static host and a dynamic client in our network with no problems. I know that some of the routers will handle the connection and some will not. For example Cisco will while Linksys and Netopia will not. This option does allow for simple and inexpensive additions to the WAN.
    0 pointsBadges:
    report
  • Hamel01
    I use a service from no-ip.com It installs a little program on a computer at your site with a dynamic ip and updates a dns listing for you. (You can have as many as you like, i am using it for 20 i think) Then you can use a custom name like yourcompany.no-ip.com and it will always work. No matter what happens to your ip. Better than paying for the static IP's.
    0 pointsBadges:
    report
  • Mousejn
    I agree that a static IP on both sides is best and less vulnerable to attack. There are some places you can?t get a fixed IP. If you can get a fixed IP address on one side most of your none consumer grade firewalls will allow an aggressive mode IPSec VPN tunnel. If you can?t get a fixed IP on ether end you need to use a Dynamic DNS service. www.technopagan.org/dynamic/#TheList is a location for Dynamic DNS services providers. Your VPN solution needs to support URLs. I have a solution that I have used no-ip.com for 3 years and the new SonicWALL firewalls will talk directly to no-ip.com so no client is needed on a local system.
    5 pointsBadges:
    report
  • TIMWATSON
    NO-IP IS A GOOD IDEA. YOU MAY ALSO WISH TO CONSIDER THESE AS POSSIBLE CREATIVE SOULITONS. THEY ARE; NOMACHINEDOTCOM (SEARCH FOR FREENX), LINUXVIRTUALSERVERDOTORG (HAS TRAFFIC MANAGMENT AS ONE FEATURE), VMWAREDOTCOM, LINUX-HADOTORG/HEARTBEATPROGRAM (HEARTBEAT WILL QUICKLY RESTART FROM A MACHINE (OR VIRTUAL MACHINE) CRASH. MOST, IF NOT ALL OF THESE PROGRAMS ARE OS INDEPENDENT. ALTHOUGH NOT A DIRECT ANSWER TO YOUR QUESTION, I HOPE THIS WILL HELP. TIM.
    0 pointsBadges:
    report
  • DesertNomad
    Thanks everyone for all of your replies the info was extremely beneficial. I would like to use static IPs on both ends but unfortunately where we are located our local ISP(only one for the country) only provides static IPs for leased lines which comes with a hefty price increase over the DSL. If we went the DNS diynamic IP updating route, how difficult is this to configure and maintain? I read that you will lose emails which were sent at the time the DNS servers are being updated with the new IP. Also what specific routers would you recommend for this setup? Thanks in advance Greg
    0 pointsBadges:
    report
  • Mousejn
    If you have an email server on-site, I know no-ip.com and dynip.com have options where your MX record goes to them and you can you pull the email off their site. This eliminates any loss of email while the DNS severs are updated. But to tell the truth, for the 3 years I have used no-ip.com I have had no noticeable drop in my VPN tunnel.
    5 pointsBadges:
    report
  • Boardinhank
    From all aspects they talk reliable. Here is one I read up on and liked what they offered. http://dns2go.deerfield.com/ It makes sense what you are trying to do. Another thing to asses here is do you need to host these mail or web apps from your own DSL line. With hosting plans as cheap as they are these days you can benefit from their huge data centers not only for redundant backbone to the internet, but their backing up of your email and web etc. for a small chuck of change you can get all the bells and whisles along with the security that they can offer as well. Then just keep your dsl for your regular internet usage. Lots of people these days love the fact that for a low price they get their email hosted, filtered and virus checked from a provider making it more convenient and hands off. I totally recommend it.
    60 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following