Solved

Cisco VPN Connections between static and dynamic IP's

Posted on 2007-12-03
3
2,269 Views
Last Modified: 2013-11-16
We have a Cisco ASA 5505 at a site with a static IP address and would like to be able to establish site-to-site VPN connections from PIX 501 firewalls on dynamic IP addresses.  When you set up a site-to-site connection, you're only allowed to enter an IP address.  If we use a dynamic IP address and it changes, the VPN will be broken.  Is there a way to set the ASA 5505 to accept incoming site-to-site VPN connections without having to explicitly specify the IP it's coming from?
0
Comment
Question by:OAC Technology
3 Comments
 
LVL 10

Accepted Solution

by:
cstosgale earned 500 total points
ID: 20399658
Cisco Easy VPN is the way forward. It's not actually that easy, but it does the trick. Here's a config for a router to an ASA:-

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080809222.shtml

The config for a pix shouldn't be significantly different, if you can use ASDM to configure it it makes it all even easier.
0
 
LVL 3

Expert Comment

by:RouterDude
ID: 20408348
What you are trying to accomplish is DMVPN, or dynamic multipoint VPN. WE have a couple of these setup and they work great, only downside is they only work on routers, not on the PIX or ASA.

Here is another link that is more specific to your question.

http://www.cisco.com/en/US/partner/products/ps6120/products_configuration_example09186a00805c5ad9.shtml
0
 
LVL 2

Author Closing Comment

by:OAC Technology
ID: 31412469
Thank you!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Site-to-Site VPN Cisco ASA 5505 to Cisco RV320 4 92
Cisco NBAR 6 31
Cisco IOS from ipbase to ipservices 10 77
Cisco Policy Based Routing with extended and standard ACLs 2 26
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
I recently updated from an old PIX platform to the new ASA platform.  While upgrading, I was tremendously confused about how the VPN and AnyConnect licensing works.  It turns out that the ASA has 3 different VPN licensing schemes. "site-to-site" …
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now