Solved

how to allow one of the statically assigned vpn tunnels to tunnel into another dynamic site?

Posted on 2016-08-05
3
72 Views
Last Modified: 2016-08-09
here is what i'm trying to accomplish:
currently there are 3 separate vpn tunnels to 3 different sites, all are statically assigned.  my intention is to create a 4rth tunnel with statically assigned ip to tunnel into another site that is dynamically assigned ip.  Has anyone ever done this and how does it work?

devices involve: asa5515 at the static site and whatever router so long as its vpn able on the other site.  just really need to know what i need to do on the asa site since its already had multiple tunnels in place.

 Thank you,

mwauki
0
Comment
Question by:mwauki
3 Comments
 
LVL 92

Expert Comment

by:John Hurst
ID: 41744255
I have a Cisco RV325 VPN router with 3 tunnels to 3 clients. They static external IP addresses, whereas I have a dynamic external IP address that does not change much.

my intention is to create a 4rth tunnel with statically assigned IP to tunnel into another site that is dynamically assigned IP.

Yes, that should work.  Considerations:

1. It should not change much, but you would have to re-configure when it does.
2. Use DynDNS if you do not want to do this.
1
 
LVL 14

Accepted Solution

by:
SIM50 earned 500 total points
ID: 41744647
The config would be the same except for crypto map and pre-shared key location. Instead of assigning a peer, you would create dynamic crypto map and put pre-shared key in the default tunnel-group.

Check this link for the configuration example of static firewall: http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/119007-config-asa9x-ike-ipsec-00.html#anc10
0
 

Author Closing Comment

by:mwauki
ID: 41748386
thanks!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Single PC won't comunicate across VPN 6 44
DHCP for a guest wireless network 1 43
Cisco Switch Port Security 2 35
Cisco ASA 5505 Login issues 2 25
The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now