I work remotely and recently have to connect (ssh) to a server that uses IP tables for security. This is when I discovered the my ISP (Bell) changes my IP very regularly. My current solution is to call IT and ask for my IP address to be updated but this has gotten pretty frustrating for the section charged with doing the work. There are now longer delays before the update simply because the work tempo for the section has been increasing and someone has to find the time.
Bell won’t grant me a static IP unless I’m a business. My searches show answers by people who are hosting websites for their business which isn’t my case at all. Is there a way I can get a static IP without my current ISP?
The real solution would be a bastion box at your office which you can log into using their remote access methods. From there, you’d be able to use the office connection which is likely to be a static assign external IP.
Have you tried talking with your IT dept and asked for a better solution? You seem to be stuck in an XY problem.
You could get a business internet account at home and pay extra for (1) business class support; and (2) static IP. Or your work can figure out a much better implementation to allow ingress into their server, such as a WireGuard VPN or other VPN protocol/implementation.
You got answers about this being dumb. That’s correct, but to give a real solution, and it’ll be a tech deep dive…
Rent a virtual server somewhere. Digital Ocean, Linode, etc. It’ll have a static IP. Install Wireguard on it and your home work PC. Voila, ‘you’ have a static IP. You’re basically just tunneling through a VPN, but it’s got a static IP at the exit node. It’s also only a few bucks a month ($5 I think).
Again, this is dumb, but it’s the technical solution to a dumb problem.
What I did to get around my carrier grade nat and constantly changing IPs for my domain because I use multiple isps is I rent a VPS with a static IP, setup openvpn, on my home router created an ipsec tunnel between it and my vps and routed specific traffic down that tunnel so I have a static IP.
To make your setup easier because I know not all routers can do what I did is you can still install openvpn and VPN into the vps from your laptop and then ssh from there. It would give you a static IP independent from your home network.
The business is being unreasonable. They should not be relying solely on IP white-listing. You could setup a virtual private server on AWS or something and tunnel your traffic through that so that the IP never changes.
Tell your IT department to learn how to institute and use software solutions. VPNs Domains, Octa . Lots of solutions out there that dont require tracking IPs. What do the do if someone is traveling ?
You could also call IT and ask them to set up port-knocking on the server you ssh to…
iptables could be configured to dynamically add your new ip address after receving connection attempts on a pre-defined set of ports in a pre-defined order
What your IT team needs to do is either offer a VPN connection to their corporate network, or offer a router with a SD-WAN connection back to their network.