• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 542
  • Last Modified:

VPN solution - frequently changing public IP addresses

We have a client with an interesting problem - a remote (European) site is dealing with an ISP that is required to change their public IP on a frequent (monthly) basis - government policy, and there's nothing that can be done about it..  Details:

- remote site has a PIX 501 w/ a Cisco router in front terminating a DSL connection
- home (HQ) has an ASA 5520 servicing a DSL connection

We need a solution that will dynamically reconfigure the remote end when the ISP demands a change in the public IP.

Thanks, and reference links/docs are always appreciated!

0
cfan73
Asked:
cfan73
  • 3
  • 2
3 Solutions
 
shubhanshu_jaiswalCommented:
You can configure EZVPN is this case...kindly go through the below mentioned link...
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080809222.shtml
0
 
uniplastCommented:
I suppose you want to make vpn connection between two devices, one of which has a dynamic IP address.
On this link you have an example of how it works


http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00805733df.shtml

0
 
cfan73Author Commented:
Thanks for the response, guys - if either solution above could work in this situation, can you help me understand why one (like the dynamic-to-static IPsec w/ NAT solution) would be REQUIRED over using just EZVPN?

Thank you - answer that, and I'll award points to both!
0
Get Cisco Certified in IT Security

There’s a high demand for IT security experts and network administrators who can safeguard the data that individuals, corporations, and governments rely on every day. Pursue your B.S. in Network Operations and Security and gain the credentials you need for this high-growth field.

 
cfan73Author Commented:
Thanks, uniplast - I've been through this, and feel I understand the EZ-VPN solution (which seems to support the same NAT scenario detailed in the "Dynamic-to-static IPsec" solution).  Can you identify when this would be REQUIRED, and EZ-VPN would NOT work?

Thanks again - sorry if I'm missing something obvious...
0
 
uniplastCommented:
Topology
EZVPN - Only - Hub and spoke
EZVPN - QoS - Supported but QoS policy is not dynamically pushed to the remote sites
etc....
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now