VPN solution - frequently changing public IP addresses

Posted on 2010-11-16
Last Modified: 2012-05-10
We have a client with an interesting problem - a remote (European) site is dealing with an ISP that is required to change their public IP on a frequent (monthly) basis - government policy, and there's nothing that can be done about it..  Details:

- remote site has a PIX 501 w/ a Cisco router in front terminating a DSL connection
- home (HQ) has an ASA 5520 servicing a DSL connection

We need a solution that will dynamically reconfigure the remote end when the ISP demands a change in the public IP.

Thanks, and reference links/docs are always appreciated!

Question by:cfan73
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2

Accepted Solution

shubhanshu_jaiswal earned 300 total points
ID: 34152607
You can configure EZVPN is this case...kindly go through the below mentioned link...

Assisted Solution

uniplast earned 200 total points
ID: 34156810
I suppose you want to make vpn connection between two devices, one of which has a dynamic IP address.
On this link you have an example of how it works


Author Comment

ID: 34157878
Thanks for the response, guys - if either solution above could work in this situation, can you help me understand why one (like the dynamic-to-static IPsec w/ NAT solution) would be REQUIRED over using just EZVPN?

Thank you - answer that, and I'll award points to both!
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.


Expert Comment

ID: 34158147

Author Comment

ID: 34158527
Thanks, uniplast - I've been through this, and feel I understand the EZ-VPN solution (which seems to support the same NAT scenario detailed in the "Dynamic-to-static IPsec" solution).  Can you identify when this would be REQUIRED, and EZ-VPN would NOT work?

Thanks again - sorry if I'm missing something obvious...

Assisted Solution

uniplast earned 200 total points
ID: 34159135
EZVPN - Only - Hub and spoke
EZVPN - QoS - Supported but QoS policy is not dynamically pushed to the remote sites

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question