Question about pfSense Site to Site VPN
-
@IT-ADMIN said:
i'm using openDNS
I have no hard evidence to back this up, but I feel that OpenDNS is slow to update compared to Google DNS.
But you will always have this issue with any DDNS solution.
Since you are using pfSense, I would setup OpenVPN instead of IPSEC. OpenVPN can handle a dynamic changing client much better than IPSEC does. If you are already using OpenVPN, then it is simply a matter of reconfiguring one side to be dynamic and not rely on the DDNS.
-
@JaredBusch yes Sir i'm using OpenVPN, and feedns.afraid.org as DDNS, and i'm using the built-in DDNS updater in pfsense,
-
do you mean by not relying on DDNS that i have to change the IP myself in each IP change ????
-
what about having each box a client and server in the same time, Mr Scott don't like this idea,
what about you Sir -
@IT-ADMIN said:
what about having each box a client and server in the same time, Mr Scott don't like this idea,
what about you SirI don't believe that you can.
-
@IT-ADMIN said:
do you mean by not relying on DDNS that i have to change the IP myself in each IP change ????
That's an option but I would prefer the DNS delay.
-
How often does your IP address change?
-
sometimes one week, sometimes 4 days, it depend
-
-
currently i check every time my public ip to make sure that it is still fixed to make sure that the 2 office are connected, i wish to make this happen automatically but unfortunately DDNS despair me
-
@IT-ADMIN said:
currently i check every time my public ip to make sure that it is still fixed to make sure that the 2 office are connected, i wish to make this happen automatically but unfortunately DDNS despair me
I assume that you don't have the ability to get static IPs? Have you looked into Hamachi?
-
@scottalanmiller yes, and also our ISP makes it difficult to possess static IP, he force you to buy a subnet of 8 static ip, and the price is very expensive, because here in qatar exist only one ISP (landline provider) for this reason they do what they want,
-
and also they force you to change you current wire installation and make a new one
-
@IT-ADMIN said:
and also they force you to change you current wire installation and make a new one
Wow. Is it a government controlled monopoly or as the market just not created competition (yet)?
-
@scottalanmiller exactly, it is a government ISP that don't have any competition, so they have freedom to do what they want
-
@IT-ADMIN said:
@scottalanmiller exactly, it is a government ISP that don't have any competition, so they have freedom to do what they want
I see. That is unfortunate that instead of working to enable business that they use it to make money via the ISP directly. Iceland does something similar with a central ISP but provides high speed, great access to everyone.
-
hhhh, can you imagine our ISP max ADSL bandwidth
-
Hamachi would be "low" cost and should do what you need. I prefer Pertino but in your use case, gateway to gateway, it doesn't have an offering yet.
-
@IT-ADMIN said:
hhhh, can you imagine our ISP max ADSL bandwidth
They are still using ADSL? That is horrible. Qatar is such a rich country, they could go all fiber overnight and really enable business there. The opportunities being missed are tragic.
-
currently they are working in fiber optic, but only in some region not all qatar
