11-16-2006 04:45 PM - edited 03-11-2019 01:57 AM
Hi guys, can we implement vpn on PIX with dynamic to dynamic ip? If have, can give me a link to configure it.
Thanks
11-16-2006 05:52 PM
Not sure of it's possible, as it normally need one end to have static IP.
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00805733df.shtml
There's a feature called DMVPN for dynamic VPN connectivity, but only for routers.
HTH
AK
11-16-2006 05:54 PM
Yes, this is possible.
use one of the Remote access VPN setups and use a DynDNS client to update your VPN Servers IP address to a DNS entry.
example configurations:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_configuration_examples_list.html
suggested setup:
How to Configure the Cisco VPN Client to PIX with AES:
DynDNS Software:
http://www.no-ip.com/downloads.php
sincerely
Patrick
11-16-2006 05:56 PM
BTW, do you mean dynamic VPN for site-to-site, or remote access?
For remote access (by vpn client), this is possible & common. For site-to-site, this is rare.
HTH
AK
11-17-2006 05:02 PM
I'm going to implement site-to-site vpn with pix, Both site A & B using dynamic ip, i can do that with linksys router using no-ip, but not sure with pix-to-pix because so far what i know pix using ip address to set the peer and receive the peer, eg.
pixA
isakmp key ******** address 0.0.0.0 netmask 0.0.0.0
pixB
crypto map mymap 10 set peer 200.x.x.x
isakmp ket ******** address 200.x.x.x
Not sure if can replace address with domain name instead :) he..he..he
Thanks
11-17-2006 05:35 PM
No, you cannot replace the IP by a DNS name.
11-17-2006 06:08 PM
Alright guys, thanks for the info.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide