Editing Crypto Map setting on PIX

I have a PIX firewall at the office. One of our remote users has a Cisco 2600 router at his house. We have a IPSEC tunnel between the two. The home user has a dynamic IP address and from time to time it changes.
What I need to know are the commands for editing/updating the settings to reflect his new IP address. This is what it currently looks like:

crypto map VPN 22 match address 101
crypto map VPN 22 set peer 69.181.XX.XX
crypto map VPN 22 set transform-set VPN
crypto map VPN 22 set security-association lifetime seconds 28800

I have limited experience with the PIX but I can navigate around without blowing it up.

Any help is appreciated
StanleyManager Systems and TechnologyAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
DonbooConnect With a Mentor Commented:
Remove the peer first before adding an new peer.

no crypto map VPN 22 set peer 69.181.XX.XX
then add the new peer
crypto map VPN 22 set peer 98.210.157.XXX

Disregard my numbering, its just for the example.
0
 
cosmicfoxCommented:
what you need to do is change the vpn peer. the map will stay the same. what you should look into is some type of easy vpn which is good for a remote dynamic ip.
0
 
StanleyManager Systems and TechnologyAuthor Commented:
I want my boss to get a static IP for his home but until then I need to edit the peer setting. I tried the following

sf-firewall(config)# crypto map VPN 21 set peer 98.210.157.XXX
ERROR: Multiple Peers can be specified only with originate-only connections
sf-firewall(config)#

So I'm guessing I need to either  remove the original peer address and create a new one or edit the existing peer. I'd prefer to edit the existing one.
0
 
cosmicfoxCommented:
yes you are correct.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.