cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1840
Views
12
Helpful
6
Replies

PIX VPN: Dynamic to dynamic ip

tonny_ecmyy
Level 1
Level 1

Hi guys, can we implement vpn on PIX with dynamic to dynamic ip? If have, can give me a link to configure it.

Thanks

6 Replies 6

a.kiprawih
Level 7
Level 7

Not sure of it's possible, as it normally need one end to have static IP.

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00805733df.shtml

http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration_example09186a0080094680.shtml

There's a feature called DMVPN for dynamic VPN connectivity, but only for routers.

HTH

AK

Yes, this is possible.

use one of the Remote access VPN setups and use a DynDNS client to update your VPN Servers IP address to a DNS entry.

example configurations:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_configuration_examples_list.html

suggested setup:

How to Configure the Cisco VPN Client to PIX with AES:

http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration_example09186a00801e71c0.shtml

DynDNS Software:

http://www.no-ip.com/

http://www.no-ip.com/downloads.php

sincerely

Patrick

BTW, do you mean dynamic VPN for site-to-site, or remote access?

For remote access (by vpn client), this is possible & common. For site-to-site, this is rare.

HTH

AK

I'm going to implement site-to-site vpn with pix, Both site A & B using dynamic ip, i can do that with linksys router using no-ip, but not sure with pix-to-pix because so far what i know pix using ip address to set the peer and receive the peer, eg.

pixA

isakmp key ******** address 0.0.0.0 netmask 0.0.0.0

pixB

crypto map mymap 10 set peer 200.x.x.x

isakmp ket ******** address 200.x.x.x

Not sure if can replace address with domain name instead :) he..he..he

Thanks

No, you cannot replace the IP by a DNS name.

Alright guys, thanks for the info.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: