Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Cisco VPN Connections between static and dynamic IP's

Posted on 2007-12-03
3
Medium Priority
?
2,283 Views
Last Modified: 2013-11-16
We have a Cisco ASA 5505 at a site with a static IP address and would like to be able to establish site-to-site VPN connections from PIX 501 firewalls on dynamic IP addresses.  When you set up a site-to-site connection, you're only allowed to enter an IP address.  If we use a dynamic IP address and it changes, the VPN will be broken.  Is there a way to set the ASA 5505 to accept incoming site-to-site VPN connections without having to explicitly specify the IP it's coming from?
0
Comment
Question by:OAC Technology
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 10

Accepted Solution

by:
cstosgale earned 2000 total points
ID: 20399658
Cisco Easy VPN is the way forward. It's not actually that easy, but it does the trick. Here's a config for a router to an ASA:-

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080809222.shtml

The config for a pix shouldn't be significantly different, if you can use ASDM to configure it it makes it all even easier.
0
 
LVL 3

Expert Comment

by:RouterDude
ID: 20408348
What you are trying to accomplish is DMVPN, or dynamic multipoint VPN. WE have a couple of these setup and they work great, only downside is they only work on routers, not on the PIX or ASA.

Here is another link that is more specific to your question.

http://www.cisco.com/en/US/partner/products/ps6120/products_configuration_example09186a00805c5ad9.shtml
0
 
LVL 2

Author Closing Comment

by:OAC Technology
ID: 31412469
Thank you!
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
There’s a movement in Information Technology (IT), and while it’s hard to define, it is gaining momentum. Some call it “stream-lined IT;” others call it “thin-model IT.”
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question