OpenVPN and CGNAT - rewrite OpenVPN Configuration on the fly?

[scooter133]

We use OpenVPN to connect remote sites to our central office. We’ve implemented Dynamic DNS to make sure we get IP address updates from our remote offices when the carrier changes them, but OpenVPN requires that we specify the incoming port that were we expect incoming packets.

One of our sites using Starlink and they use CGNAT, so instead of the incoming port being 1194, it’s some random port above 20000 and it changes frequently. What we do now is use tcpdump to try to find incoming packets from the remote site and look at what port is being used. Then we go into the UI Web Interface and update the OPENVPN confirmation to use the actual remote port we are seeing. This brings the VPN up.

We are looking for a way to automatically do this. Find the incoming port and update the OPENVPN configuration. Any ideas?

Can we use Boot Chicken like the Conditional DNS Script to alter the OpenVPN configuration of the incoming IP for the Local Port??

I'm not a script or OpenVPN guy by any means. Assistance on this would be Great.

[gatesry]

While I'm not 100% familiar with OpenVPN and its port mappings. Have you explored solutions like gravitl/netmaker or CloudFlare DDNS?

Edit: Also including this awesome-list of reverse tunnel projects