Unfortunately no, you need static IP addresses for a vti tunnel using the ER cli. In theory you could do it with a custom StrongSwan config you include in the vpn section but I'm not an expert and can't tell you how that would work.
Does your dynamic endpoint change addresses often? My ISP usually only gives me a new one after a modem or router reboot. With a dynamic public DNS entry you can always learn the new dynamic IP and update the static end's config. That assumes it's a rare event.
edit ipsec vpn site-to-site
rename peer OLDIP to peer NEWIP
commit
save
Does your dynamic endpoint change addresses often? My ISP usually only gives me a new one after a modem or router reboot. With a dynamic public DNS entry you can always learn the new dynamic IP and update the static end's config. That assumes it's a rare event.
edit ipsec vpn site-to-site
rename peer OLDIP to peer NEWIP
commit
save
