Mon Oct 03, 2022 11:28 pm
Can you give more details on what you are trying to achieve? In any case, a transport packet of a tunneling protocol always goes from exactly one of the own addresses of the router to exactly one remote address. So if you want the tunnel to work directly over the internet and your WAN IP address is dynamic, you specify the local-address as 0.0.0.0 and the routing does the rest. But if the address of the remote peer is dynamic, and dynamic DNS cannot be used, you have to create 16 tunnels, one per each address in the /28, with keepalive enabled on all of them and a route via each of them. So depending on which address out of the /28 the remote peer currently has, the corresponding tunnel interface and the route attached to it become active.