Remote access to LAN when public IP is dynamic?
 

Hello :)

Is it possible to provide remote Windows users access to a LAN via the Internet when the LAN itself is connected to the Internet via a SOHO router that is assigned an IP address dynamically?

An LQ thread from 2004 includes a suggestion to use VPN and DynDNS.com. Is that still a good solution? Are there any security issues?

Assuming:

1. VPN is a good choice.
2. DynDNS.com or similar can be used to give remote clients the public IP address of the SOHO router.
3. the SOHO router is configured to forward VPN traffic to a Linux system acting as the VPN gateway.

then, for a LAN of ~20 IP nodes and less than 5 simultaneous remote clients, are there any other VPN server software solutions to consider other than OpenVPN, Openswan and strongswan?

Would there be significant advantages in using a router with VPN server capability?

Best

Charles

I really like pix/asa devices for a firewall/vpn termination device, fortinet makes some nice products that function in a similar way and for a better price.

That being said the solution you're looking at is perfectly acceptable so long as your firewall and vpn are configured correctly. I think openvpn is about the best mix of security, ease of setup, and such of the various opensource vpn products.

Thanks for your advice, rweaver :)

I'll look into pix/asa devices.