Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

how to allow one of the statically assigned vpn tunnels to tunnel into another dynamic site?

Posted on 2016-08-05
3
Medium Priority
?
105 Views
Last Modified: 2016-08-09
here is what i'm trying to accomplish:
currently there are 3 separate vpn tunnels to 3 different sites, all are statically assigned.  my intention is to create a 4rth tunnel with statically assigned ip to tunnel into another site that is dynamically assigned ip.  Has anyone ever done this and how does it work?

devices involve: asa5515 at the static site and whatever router so long as its vpn able on the other site.  just really need to know what i need to do on the asa site since its already had multiple tunnels in place.

 Thank you,

mwauki
0
Comment
Question by:mwauki
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 97

Expert Comment

by:John Hurst
ID: 41744255
I have a Cisco RV325 VPN router with 3 tunnels to 3 clients. They static external IP addresses, whereas I have a dynamic external IP address that does not change much.

my intention is to create a 4rth tunnel with statically assigned IP to tunnel into another site that is dynamically assigned IP.

Yes, that should work.  Considerations:

1. It should not change much, but you would have to re-configure when it does.
2. Use DynDNS if you do not want to do this.
1
 
LVL 14

Accepted Solution

by:
SIM50 earned 2000 total points
ID: 41744647
The config would be the same except for crypto map and pre-shared key location. Instead of assigning a peer, you would create dynamic crypto map and put pre-shared key in the default tunnel-group.

Check this link for the configuration example of static firewall: http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/119007-config-asa9x-ike-ipsec-00.html#anc10
0
 

Author Closing Comment

by:mwauki
ID: 41748386
thanks!
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question