Solved

Cisco - No Dial-up Static, Is Dynamic DNS a Solution?

Posted on 2003-12-03
7
372 Views
Last Modified: 2010-03-19
Hello all,

I’m faced with a problem that I cannot find an ISP that will provide me with STATIC Dial-Up service.  The reason why it has to be STATIC is because I’d like to use this connection as a Backup incase the primary ADSL broadband connection drops.  This will be a VPN environment using a Cisco 1700 series router.

 - Does anyone know of a CANADA wide (or that offers Access Numbers accross Canada) Dial Up provider that offers Static IP address?
 
 - Or is there a way I can use a Dynamic DNS provider to assign a hostname to that Dynamic IP address, and configuring it within the Cisco configuration script?(No third party software)

I know there are several Dynamic DNS services out there but most require a piece of software that will determine the IP address and forward it to the Dynamic DNS provider to update the table.  Has anyone been able to support Cisco routers, I understand that the basic routers (DLink, Linksys) have support for these types of solutions.

Does anyone have any ideas?  

Thanks!


0
Comment
Question by:C0pperNic
  • 2
7 Comments
 
LVL 7

Expert Comment

by:Robing66066
ID: 9867807
I don't know of a ISP that will provide you with a static dialup account, but if you intent is just to set up a VPN tunnel as a backup, you don't need a static address on both sides.  You can set up the 17xx with a VPN tunnel using one side static and one side dynamic.  

Unless you lose both sides at the same time (odds seem low), you should be just fine.  That would be much easier (and cheaper) than trying to find an ISP who will give you a static dialup address.

0
 

Author Comment

by:C0pperNic
ID: 9867986
I didn't think that you can assign two different crypto isakmp keys to the same destination address.

example on 17xxx:
crypto isakmp policy 20
 encr 3des
 hash md5
 authentication pre-share
crypto isakmp key testPRIMARYSTATICtest address 66.77.88.99
crypto isakmp policy testBACKUPDYNAMICtest address 66.77.88.99

You'll get a pre-shared key already exsists.

Thanks
0
 
LVL 7

Accepted Solution

by:
Robing66066 earned 40 total points
ID: 9868119
Hmmmm.  Could you make both keys the same?

So you would have:

Router 1

crypto isakmp key mykey address 66.77.88.99
crypto isakmp key mykey address 0.0.0.0 0.0.0.0

...

crypto map mymap 20 ipsec-isakmp  
 set peer 66.77.88.99
 set transform-set myset
 match address 150

Router 2

crypto isakmp key mykey address 22.33.44.55
crypto isakmp key mykey address 0.0.0.0 0.0.0.0

crypto map mymap 20 ipsec-isakmp  
 set peer 22.33.44.55
 set transform-set myset
 match address 150

So, either one could initiate communication to the peer.  If it comes from the static address, then all is good and it accepts the first crypto line with the correct peer address in it.  If it come from a dynamic address, it accepts the second crypto line with the dynamic peer address.

I haven't tried this, but it seems to me it might just work.  (I know you can have multiple crypto partners with the same key, so I think it should all be good.)
0
 
LVL 18

Assisted Solution

by:chicagoan
chicagoan earned 40 total points
ID: 9868960
> is there a way I can use a Dynamic DNS provider to assign a hostname to that Dynamic IP address
dyndns.org BUT you'll have to have an agent inside to keep dyndns updated and either use their DNS servers or face propagation delays.

What about using a certificate that has a wild card in it - i.e. 192.192.192.* (assuming you knew the DHCP range)
This could be self-signed ...
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now