deploy a vpn from an appliance

I have a client (for our SOC) whos home is protected by a PAN 200 firewall (palto alto) but doesnt have a static ip address. The issue Im facing is how to send all the logs to our vps without having to open up all IP addresses. From what I understand, site to site vpns require static ips on either side, so I was considering adding an openvpn access server on our end and somehow establishing a connection from the PAN 200 appliance to our server. Is this possible in any way?


It is possible to setup openVPN server on the VPS end. the specific procedure would depend on what operating system the VPS is running. You might also consider Wireguard as an alternative to OpenVPN. If your only objective is to ship log files from the home office environment, you might also consider using ssh. Although, if you decide to employ ssh in this capacity, you should disable password authentication and accept only key-based authentication.