How about running ZeroTier on those Linux boxes and call it a day? https://www.zerotier.com/
-Mike > On Feb 10, 2022, at 10:07, David Guo via NANOG <[email protected]> wrote: > > > You may try WireGuard and use ddns > > From: NANOG <[email protected]> On Behalf Of William > Herrin > Sent: Friday, February 11, 2022 2:02 AM > To: [email protected] > Subject: VPN recommendations? > > Hi folks, > > Do you have any recommendations for VPN appliances? Specifically: I need to > build a site to site VPNs at speeds between 100mpbs and 1 gbit where all but > one of the sites are behind an IPv4 NAT gateway with dynamic public IP > addresses. > > Normally I'd throw OpenVPN on a couple of Linux boxes and be happy but my > customer insists on a network appliance. Site to site VPNs using IPSec and > static IP addresses on the plaintext side are a dime a dozen but traversing > NAT and dynamic IP addresses (and automatically re-establishing when the > service goes out and comes back up with different addresses) is a hard > requirement. > > Thanks in advance, > Bill Herrin > > -- > William Herrin > [email protected] > https://bill.herrin.us/
