How to access network remotely with vpn without static address (DHCP)?

[guadalupeassociate]

We are a business with an office network that is accessed remotely by a dozen or so employees. VPN works (reasonably) well with a static IP Address (from Comcast). We're transitioning to Sonic Fiber, which doesn't provide a static IP Address, but requires us to configure our gateway for DHCP.
We thought OpenVPN might be a solution, but we're going down rabbit hole after rabbit hole.
Has anyone solved this problem or know how to solve it?
Thanks.
Fr. Joseph Fessio, S.J.

[igorru]

You can sign up for any of the Dynamic DNS (DDNS) services to have a domain address pointed to your dynamic (DHCP) IP address. Your router might be able to update the DDNS address of your domain name whenever the IP changes or you can have a small service running on one of the computers on your LAN that can detect the change and update the DDNS record. If you own a domain name, your domain registrar might also be providing a free DDNS service.

Once your DDNS is configured and working, VPN should work like before by using a domain name instead of a static IP address.

[ngufra]

Sonic has a dynamic dns service with a json api but i don't think anybody has been able to use it.

Sonic assigns you a dynamic IP.
You can get a dynamic dns service for example from noip.com.
On one of your computers you can run a small program that updated the actual ip to noip dns server with a short ttl so it is not cached too long.
On openvpn, you can set the name from no ip.

To make it easier, I also set an A (alias) record on my domain DNS so that HOME.mydomain.com points to the name from noip which points to the current ip address assigned by sonic.

Let us know if you can make it work.

-Francois

[kgc]

Sonic has a dynamic dns service with a json api but i don't think anybody has been able to use it.

Plenty of people are using it successfully, if you're on a *nix or similar host it is as simple as just two curl commands assuming you have a domain on your account already. See https://public-api.sonic.net/dyndns

$ curl -X POST --data 'username=notarealuser&password=notarealpassword' https://public-api.sonic.net/dyndns/list_api_key

Save the resulting userid and api key for the next command which you can add to cron.

$ curl -X PUT --data 'userid=12345&apikey=4d6fbf2f9ab0fa11697470918d37625851fc0c51&hostname=foo.example.com&type=A' https://public-api.sonic.net/dyndns/host

[js9erfan]

We are a business with an office network that is accessed remotely by a dozen or so employees. VPN works (reasonably) well with a static IP Address (from Comcast). We're transitioning to Sonic Fiber, which doesn't provide a static IP Address, but requires us to configure our gateway for DHCP.
We thought OpenVPN might be a solution, but we're going down rabbit hole after rabbit hole.
Has anyone solved this problem or know how to solve it?
Thanks.
Fr. Joseph Fessio, S.J.

As others have mentioned (also here) DDNS works well if you're running the VPN server on your local network w/ a dynamic IP. If you use a cloud service for OpenVPN then register a domain name (I registered a free one from Freenom for an OpenVPN server I setup on a Digital Ocean droplet).

Or, you might consider using an alternative solution like Tailscale which is based on Wireguard. Very easy to setup/configure with user SSO, MagicDNS, etc.

Good luck!