Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Editing Crypto Map setting on PIX

Posted on 2009-04-03
4
Medium Priority
?
1,184 Views
Last Modified: 2012-05-06
I have a PIX firewall at the office. One of our remote users has a Cisco 2600 router at his house. We have a IPSEC tunnel between the two. The home user has a dynamic IP address and from time to time it changes.
What I need to know are the commands for editing/updating the settings to reflect his new IP address. This is what it currently looks like:

crypto map VPN 22 match address 101
crypto map VPN 22 set peer 69.181.XX.XX
crypto map VPN 22 set transform-set VPN
crypto map VPN 22 set security-association lifetime seconds 28800

I have limited experience with the PIX but I can navigate around without blowing it up.

Any help is appreciated
0
Comment
Question by:Stanley
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 6

Expert Comment

by:cosmicfox
ID: 24063029
what you need to do is change the vpn peer. the map will stay the same. what you should look into is some type of easy vpn which is good for a remote dynamic ip.
0
 

Author Comment

by:Stanley
ID: 24063431
I want my boss to get a static IP for his home but until then I need to edit the peer setting. I tried the following

sf-firewall(config)# crypto map VPN 21 set peer 98.210.157.XXX
ERROR: Multiple Peers can be specified only with originate-only connections
sf-firewall(config)#

So I'm guessing I need to either  remove the original peer address and create a new one or edit the existing peer. I'd prefer to edit the existing one.
0
 
LVL 6

Expert Comment

by:cosmicfox
ID: 24063877
yes you are correct.
0
 
LVL 9

Accepted Solution

by:
Donboo earned 1000 total points
ID: 24063885
Remove the peer first before adding an new peer.

no crypto map VPN 22 set peer 69.181.XX.XX
then add the new peer
crypto map VPN 22 set peer 98.210.157.XXX

Disregard my numbering, its just for the example.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Suggested Courses

660 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question