TrustGroup-UAE
asked on
Cisco VPN with DDNS
Hi Experts,
Hope everyone is well?
We currently have around 4 sites all working independently of each other. When group connectivity is required they use Remote Desktop to our HQ. We are re-hashing the network and would like to provide site to site VPN's via either Cisco ASA's or Cisco Routers. The only Problem is we don’t have any static IP's and currently use NO-IP's DDNS Services. Each site has a hostyname of Site1.domain.com, Site2.comain.com, and so on. This is working fine for management purposes and to date we have had very little issue with it. Each Router on each site is accessible via SSH using the Hostmane.
Before anyone says we are based in the UAE and our Telco charges enormous amounts for a single static IP. Currently we have 100mb PPPoE DSL internet and to get a Static IP we have to move to an 8Meg Leased line at a cost of around 43,000dhs which is 7,000GBP, or 10,000USD. This is not an option financially.
So what i need to know is can Cisco ASA to ASA or Cisco Router to Souter, or even Cisco Router to ASA have VPN Tunnels without the need for Static IP's? I have previously worked on Fortinet stuff and it’s possible on Fortinet.
If it is possible could somebody provide me with any config Snippets, or links as I can’t seem to find anything anywhere?
Many thanks
TME
Hope everyone is well?
We currently have around 4 sites all working independently of each other. When group connectivity is required they use Remote Desktop to our HQ. We are re-hashing the network and would like to provide site to site VPN's via either Cisco ASA's or Cisco Routers. The only Problem is we don’t have any static IP's and currently use NO-IP's DDNS Services. Each site has a hostyname of Site1.domain.com, Site2.comain.com, and so on. This is working fine for management purposes and to date we have had very little issue with it. Each Router on each site is accessible via SSH using the Hostmane.
Before anyone says we are based in the UAE and our Telco charges enormous amounts for a single static IP. Currently we have 100mb PPPoE DSL internet and to get a Static IP we have to move to an 8Meg Leased line at a cost of around 43,000dhs which is 7,000GBP, or 10,000USD. This is not an option financially.
So what i need to know is can Cisco ASA to ASA or Cisco Router to Souter, or even Cisco Router to ASA have VPN Tunnels without the need for Static IP's? I have previously worked on Fortinet stuff and it’s possible on Fortinet.
If it is possible could somebody provide me with any config Snippets, or links as I can’t seem to find anything anywhere?
Many thanks
TME
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Mate, and PeteLong,
Many Thanks for your response. I know I can have it with one Static IP but as noted above, am unable to get a Static IP. Whilst the cost would be difficult to justify the main issue is currently our DSL is 100mb Down, 50MB Up. I can't move to a 8Meg IP Connect line for speed reasons. Our Core applications all rely on internet.
So - Is it possible if both ends are Dynamic? If not possible with Cisco is there any other way to create Site-To-Site VPN's with only Dynamic IP's using No-IP or Similar
Cheers Again
Si
Many Thanks for your response. I know I can have it with one Static IP but as noted above, am unable to get a Static IP. Whilst the cost would be difficult to justify the main issue is currently our DSL is 100mb Down, 50MB Up. I can't move to a 8Meg IP Connect line for speed reasons. Our Core applications all rely on internet.
So - Is it possible if both ends are Dynamic? If not possible with Cisco is there any other way to create Site-To-Site VPN's with only Dynamic IP's using No-IP or Similar
Cheers Again
Si
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Both Experts advised that VPN to VPN with Cisco was not possible. After speaking with TAC they advised it is BUT A FEATURE which has only just been released to the IOS.
I believe that as it was new feature only recently released, the experts may not have actually known about it, and in there best efforts advised accordingly.
I believe that as it was new feature only recently released, the experts may not have actually known about it, and in there best efforts advised accordingly.
Configure Cisco EasyVPN With Cisco ASA 5500
PL