Hi,
I have a dilemma, my home internet is down for some time and I need to use a 5G router with a mobile sim card.
I use let’s encrypt to self host my own nextcloud and as phone operators use CNAT I don’t have a static WAN IP.
So I purchased PUREVPN and a dedicated IP address and was told it won’t work with PFSENSE. 
Does anyone have this working with another VPN provider? I’d be grateful for some advice.
If you can’t find a VPN provider to do it, you could turn up an EC2 nano instance of pfsense, build a tunnel to your site, then run haproxy on the EC2 instance and point it to your on-site server. Use LE there as well for the cert. Once your internet gets fixed at home, dump the EC2 instance.
Not exactly what you’re looking for but would get you a public IP and things working.
From my limited experience looking into this, I don’t think it’s possible with most VPN providers. They’re just selling anonymity via outbound connections, they don’t usually want you to host something on their address because that would likely open them to a lot of liability problems I imagine. It’d be easier to spin up a VPS somewhere and just use CloudFlare to proxy it to keep it somewhat protected.
Private Internet Access does and I have this working with pfsense.
OVPN has static public IP as an add-on service, have been using it for a few years and it works great. They have guides for pfSense as well as many others.
If you do decide to go with them I would appreciate if you contacted me so I can give you a referral link 
PureVPN has OpenVPN configuration files - you can just download those files and minimic the settings in pfSense; they may not provide direct support, but I’m sure you can get it to wrok.
PureVPN even has a support article… https://support.purevpn.com/pfsense-openvpn-configuration-guide
Let’s encrypt also works with dns records. Scroll down to DNS-01 challenge. Then you don’t need an http server at all.
Surely you can just use a dynamic DNS service to regularly update the public IP of your 5G endpoint though and avoid bothering with an external VPN at all?
I have mullvad working with PfSense.
OVPN and IVPN have tutorials on their Websites. If you adapt them, maybe you can get it to work with PureVPN.
TorGuard has an option for a dedicated IP as well and there are help guides to get it working with pfsense.
This EXACT same thing just happened to me. Getting my money back from PureVPN. I’m thinking of going with OVPN after reading the comments below.
I purchased the dedicated ip from PureVPN and have my pfsense using the static ip as the tunnel. You simply connect your openvpn client in pfsense to the Static IP URL that was provided when you did the add on. you will have to add firewall rules to allow traffic into your router through the openvpn interface. (Which is tricky) no issues that i know of.
I’ve been doing similar with a cheap linode. HAProxy and Let’s Encrypt on the linode and OpenVPN back to home.
I see, so I use the ec2 instance to connect too when outside the house. That machine does the legwork back to the home server?
Not much you can’t do with Pfsense
I see, I will have a look at a VPS.
Any recommended providers?
Hi,
Thank you so much for the reply, this is great news.
Do you have a guide or even some prnt screen shots to help me set this up?
PIA is not good for privacy, I moved onto Mullvad VPN. PIA has gotten a lot of bad press since they were acquired.
Wow, their guides are the best I have seen.
Do you use their dedicated IP service with pfsense?