Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Dynamic L2L tunnel?

Posted on 2009-04-21
6
Medium Priority
?
261 Views
Last Modified: 2012-06-27
We have a work from home employee, who my boss wants to create a site-to-site tunnel with. The problem is, this user does not have a static IP. Is there a way to do a site-to-site tunnel if one end has a dynamic IP?

It is a cisco pix 506e at the home site and pix 515e which it will be terminating to
0
Comment
Question by:dissolved
  • 3
  • 3
6 Comments
 

Author Comment

by:dissolved
ID: 24195511
ok, looks like I have to setup the receiving end to do this.  

Is this all I have to do on the receiving end?
Obviously I have to remove the "set peer" command too

isakmp key ******** address 0.0.0.0 netmask 0.0.0.0
0
 
LVL 15

Expert Comment

by:Voltz-dk
ID: 24201952
The easiest would probably be to setup the 515e for remote-access instead of l2l, and then use the 506e as a hardware client.  If you enable NEM, this will be pretty much like a L2L.
Would that suffice?

Otherwise please state why it must be L2L, and what software version you have on the 515e.
0
 

Author Comment

by:dissolved
ID: 24204170
The 515e is running 8.0(3) and the pix 506e is running 6.3(5)

I am open to suggestions on how to do this. It doesn't have to be L2L, but we would like to place a pix at this user's house.    what is NEM?

0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 15

Expert Comment

by:Voltz-dk
ID: 24205031
NEM is network extention mode for hardware clients.  Wheter you need it kinda depends on wheter this user has servers that central site needs to access.
If not, then regular hardware client would do.  It works just like the software client, except the PIX handles it seemlessly.
0
 

Author Comment

by:dissolved
ID: 24205328
could you link me to a config on how to setup the pix as a vpn client please? or give me directions
0
 
LVL 15

Accepted Solution

by:
Voltz-dk earned 2000 total points
ID: 24205716
Here's a PIX-to-PIX example.  It uses version 6.x on both ends though, but for the client part that should be fine.  It is based on NEM mode, but that's just 1 lines difference really.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008019e6d7.shtml
0

Featured Post

Nothing ever in the clear!

This technical paper will help you implement VMware’s VM encryption as well as implement Veeam encryption which together will achieve the nothing ever in the clear goal. If a bad guy steals VMs, backups or traffic they get nothing.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Suggested Courses

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question