Creating a VPN Tunnel with Dynamic IP addresses using DynDNS
When creating a site-to-site VPN connection, we would use public static IP addresses to connect to each end. At one end we would tell our firewall to connect to the other firewall by specifying its static public IP address, and then we would do the same at the other end. However some public IP’s are not static and are dynamically assigned by the ISP. Now we have a problem because the remote firewalls IP address changes every so often and this means our firewall will be pointing to an incorrect IP address after the first time it changes to a different IP address.
The way we can overcome the issue is by registering our firewall/VPN gateway device with a provider like DynDNS.com. We would register our current firewall/VPN gateway device IP address along with a URL to use on our firewall. From here onwards, anytime the VPN device IP address changes, DynDNS will know about the change and update the change accordingly. This means, the URL will always reflect the correct IP address.
How the update works is, a customer would install DynDNS software on its local network, and when the ISP changes the customer’s IP address, the software sends this new IP address to DynDNS.com.
So in your VPN device (assuming you device supports this feature), you would specify a URL instead of an IP address to reach the remote firewall/VPN gateway device your connecting to. As the URL will always reflect the correct IP address of the remote end device, the VPN settings will be up to date in line with the dynamic change and therefore the VPN tunnel will always remain active.