Creating a VPN Tunnel with Dynamic IP addresses
Dynamic DNS
When creating a site to site VPN connection we would use public static IP addresses to connect to each end. At one end we would tell our firewall to connect to the other firewall and specify its static address, and then we would do the same at the other end. However some public IP’s are not static and are dynamically assigned by the ISP. We now have a problem because the remote firewalls IP changes every so often and this means our firewall will be pointing to an incorrect IP address.
The way we can overcome the issue is by registering our firewall with a provider like DynDNS.com. We would register out current firewall IP address along with a URL to use instead on our firewall. Anytime our IP address changes, DynDNS will know about this and update accordingly. So the URL will always reflect the correct IP address.
How the update works is a customer would install dynDNS software on their local network, and when the ISP changes the customer’s IP address, the software sends this new IP address to DynDNS.com.
So in your firewall (assuming you firewall supports this) you would specify a URL instead of an IP address to reach the remote firewall your connecting to.