You may try WireGuard and use ddns From: NANOG <nanog-bounces+david=xtom.com@nanog.org> On Behalf Of William Herrin Sent: Friday, February 11, 2022 2:02 AM To: nanog@nanog.org Subject: VPN recommendations? Hi folks, Do you have any recommendations for VPN appliances? Specifically: I need to build a site to site VPNs at speeds between 100mpbs and 1 gbit where all but one of the sites are behind an IPv4 NAT gateway with dynamic public IP addresses. Normally I'd throw OpenVPN on a couple of Linux boxes and be happy but my customer insists on a network appliance. Site to site VPNs using IPSec and static IP addresses on the plaintext side are a dime a dozen but traversing NAT and dynamic IP addresses (and automatically re-establishing when the service goes out and comes back up with different addresses) is a hard requirement. Thanks in advance, Bill Herrin -- William Herrin bill@herrin.us<mailto:bill@herrin.us> <https://bill.herrin.us/> https://bill.herrin.us/