You can configure VPN connections to use a dynamically assigned WAN IP address on the firewall. In the VPN settings, enable dynamic IP addresses. Then, configure an access rule that redirects VPN traffic to the VPN server.
Step 1. Configure VPN Access via a Dynamic WAN IP Address
To allow VPN access via a dynamic WAN IP address:
- Go to VPN > VPN Settings.
- In the Global Server Settings section, verify that Use Dynamic IPs is set to Yes.
- To make your VPN available through a DNS hostname, register the hostname with http://dyn.com/dns. For more information, see .
Step 2. Create an Access Rule to Redirect VPN Traffic to the VPN Server
Create a new access rule that redirects the VPN traffic to the VPN server to establish the tunnel:
Go to FIREWALL > Access Rules.
- Click Add Access Rule. The Add Access Rule window opens.
In the Add Access Rule window, configure a Redirect to Service firewall rule that redirects incoming VPN connections on the dynamic interface to the VPN server listening on the local IP address. For the Destination, select the network object corresponding to your Internet connection type (DHCP, WWAN, or DSL).
- Move the access rule above the BLOCKALL rule.
- Click Save.