how to allow one of the statically assigned vpn tunnels to tunnel into another dynamic site?

here is what i'm trying to accomplish:
currently there are 3 separate vpn tunnels to 3 different sites, all are statically assigned.  my intention is to create a 4rth tunnel with statically assigned ip to tunnel into another site that is dynamically assigned ip.  Has anyone ever done this and how does it work?

devices involve: asa5515 at the static site and whatever router so long as its vpn able on the other site.  just really need to know what i need to do on the asa site since its already had multiple tunnels in place.

 Thank you,

mwauki
mwaukiSystems EngineerAsked:
Who is Participating?
 
SIM50Commented:
The config would be the same except for crypto map and pre-shared key location. Instead of assigning a peer, you would create dynamic crypto map and put pre-shared key in the default tunnel-group.

Check this link for the configuration example of static firewall: http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/119007-config-asa9x-ike-ipsec-00.html#anc10
0
 
JohnBusiness Consultant (Owner)Commented:
I have a Cisco RV325 VPN router with 3 tunnels to 3 clients. They static external IP addresses, whereas I have a dynamic external IP address that does not change much.

my intention is to create a 4rth tunnel with statically assigned IP to tunnel into another site that is dynamically assigned IP.

Yes, that should work.  Considerations:

1. It should not change much, but you would have to re-configure when it does.
2. Use DynDNS if you do not want to do this.
1
 
mwaukiSystems EngineerAuthor Commented:
thanks!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.