11-16-2006 04:45 PM - edited 03-11-2019 01:57 AM
Hi guys, can we implement vpn on PIX with dynamic to dynamic ip? If have, can give me a link to configure it.
Thanks
11-16-2006 05:52 PM
Not sure of it's possible, as it normally need one end to have static IP.
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00805733df.shtml
There's a feature called DMVPN for dynamic VPN connectivity, but only for routers.
HTH
AK
11-16-2006 05:54 PM
Yes, this is possible.
use one of the Remote access VPN setups and use a DynDNS client to update your VPN Servers IP address to a DNS entry.
example configurations:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_configuration_examples_list.html
suggested setup:
How to Configure the Cisco VPN Client to PIX with AES:
DynDNS Software:
http://www.no-ip.com/downloads.php
sincerely
Patrick
11-16-2006 05:56 PM
BTW, do you mean dynamic VPN for site-to-site, or remote access?
For remote access (by vpn client), this is possible & common. For site-to-site, this is rare.
HTH
AK
11-17-2006 05:02 PM
I'm going to implement site-to-site vpn with pix, Both site A & B using dynamic ip, i can do that with linksys router using no-ip, but not sure with pix-to-pix because so far what i know pix using ip address to set the peer and receive the peer, eg.
pixA
isakmp key ******** address 0.0.0.0 netmask 0.0.0.0
pixB
crypto map mymap 10 set peer 200.x.x.x
isakmp ket ******** address 200.x.x.x
Not sure if can replace address with domain name instead :) he..he..he
Thanks
11-17-2006 05:35 PM
No, you cannot replace the IP by a DNS name.
11-17-2006 06:08 PM
Alright guys, thanks for the info.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: