Shark Attack
asked on
IPSEC VPN
Hello,
Is is possible to create ipsec-vPn L2L tunnel when one of the sites is using non-static peer IP? (DHCP) that obviously changes it's IP daily/weekly etc...? Is it possible to make this connection work even when the IP peer changes without any administrative overhead? is this doable on both ASA's and routers?
Thank you
Is is possible to create ipsec-vPn L2L tunnel when one of the sites is using non-static peer IP? (DHCP) that obviously changes it's IP daily/weekly etc...? Is it possible to make this connection work even when the IP peer changes without any administrative overhead? is this doable on both ASA's and routers?
Thank you
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
True but if the dynamic IP changes weekly or more frequently as posed in the question, it is a waste of time because of the overhead.
I use dynamic IP at some sites but the changes are only occasional - less than twice yearly.
I use dynamic IP at some sites but the changes are only occasional - less than twice yearly.
True but if the dynamic IP changes weekly or more frequently as posed in the question, it is a waste of time because of the overhead.
What overhead?
You have to go into setup on the system and change the static IP. At least any client system I have used.
You have to go into setup on the system and change the static IP. At least any client system I have used.
LOL. I don't think you fully comprehend how dynamic VPN works. I would love to hear your theories about inner workings of DMVPN or GETVPN.
I have ben using VPN for years. So post your STEPS instead on links people have to pore through.
Unsubscribed.
Unsubscribed.
So post your STEPS instead on links people have to pore through.
Why reinvent the wheel? The links I posted have ASDM and CLI step by step instructions.
ASKER
well thank you both. I will give it a shot see how it works.
Provided links with step by step instructions how to implement either through ASDM or CLI.
No. Use Dyn DNS or equivalent.
You can do the above if the IP changes only occasionally, but not every day.