Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 139
  • Last Modified:

how to allow one of the statically assigned vpn tunnels to tunnel into another dynamic site?

here is what i'm trying to accomplish:
currently there are 3 separate vpn tunnels to 3 different sites, all are statically assigned.  my intention is to create a 4rth tunnel with statically assigned ip to tunnel into another site that is dynamically assigned ip.  Has anyone ever done this and how does it work?

devices involve: asa5515 at the static site and whatever router so long as its vpn able on the other site.  just really need to know what i need to do on the asa site since its already had multiple tunnels in place.

 Thank you,

mwauki
0
mwauki
Asked:
mwauki
1 Solution
 
JohnBusiness Consultant (Owner)Commented:
I have a Cisco RV325 VPN router with 3 tunnels to 3 clients. They static external IP addresses, whereas I have a dynamic external IP address that does not change much.

my intention is to create a 4rth tunnel with statically assigned IP to tunnel into another site that is dynamically assigned IP.

Yes, that should work.  Considerations:

1. It should not change much, but you would have to re-configure when it does.
2. Use DynDNS if you do not want to do this.
1
 
SIM50Commented:
The config would be the same except for crypto map and pre-shared key location. Instead of assigning a peer, you would create dynamic crypto map and put pre-shared key in the default tunnel-group.

Check this link for the configuration example of static firewall: http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/119007-config-asa9x-ike-ipsec-00.html#anc10
0
 
mwaukiSystems EngineerAuthor Commented:
thanks!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now