Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 470
  • Last Modified:

VPN solution - frequently changing public IP addresses

We have a client with an interesting problem - a remote (European) site is dealing with an ISP that is required to change their public IP on a frequent (monthly) basis - government policy, and there's nothing that can be done about it..  Details:

- remote site has a PIX 501 w/ a Cisco router in front terminating a DSL connection
- home (HQ) has an ASA 5520 servicing a DSL connection

We need a solution that will dynamically reconfigure the remote end when the ISP demands a change in the public IP.

Thanks, and reference links/docs are always appreciated!

0
cfan73
Asked:
cfan73
  • 3
  • 2
3 Solutions
 
shubhanshu_jaiswalCommented:
You can configure EZVPN is this case...kindly go through the below mentioned link...
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080809222.shtml
0
 
uniplastCommented:
I suppose you want to make vpn connection between two devices, one of which has a dynamic IP address.
On this link you have an example of how it works


http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00805733df.shtml

0
 
cfan73Author Commented:
Thanks for the response, guys - if either solution above could work in this situation, can you help me understand why one (like the dynamic-to-static IPsec w/ NAT solution) would be REQUIRED over using just EZVPN?

Thank you - answer that, and I'll award points to both!
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
cfan73Author Commented:
Thanks, uniplast - I've been through this, and feel I understand the EZ-VPN solution (which seems to support the same NAT scenario detailed in the "Dynamic-to-static IPsec" solution).  Can you identify when this would be REQUIRED, and EZ-VPN would NOT work?

Thanks again - sorry if I'm missing something obvious...
0
 
uniplastCommented:
Topology
EZVPN - Only - Hub and spoke
EZVPN - QoS - Supported but QoS policy is not dynamically pushed to the remote sites
etc....
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now