Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2642
Views
0
Helpful
6
Replies

RV340 site to site VPN not working with DDNS

jorge.arova
Level 1
Level 1

‎01-05-2018 01:01 PM - edited ‎03-21-2019 11:02 AM

Hello,

 

I have two different sites (using RV340 routers) with public dynamic IP addresses. To create a site to site VPN I'm, trying to used DDNS service to point to the Dynamic IP addreses. I already tried setting the DDNS addresses as the FQDN for the remote endpoint and remote identifier without getting it to work. Is it possible to make this configuration work? Or what am I doing wrong? When  using the ip address it works, until the dynamic ip changes and then the tunnel fells down.

 

Thanks for the help and guidance!

 

JR

5 people had this problem
Labels:
0 Helpful
6 Replies 6

ktonev
Cisco Employee
Cisco Employee

‎01-11-2018 01:15 AM

Hello Jorge,

Using a DDNS service on both sides may cause you issues in case that the IPs are not updated at the same time. If this setup is causing you issues I would recommend using a static IP for one of the sites and DDNS on the other.

If you are having issues setting this up I please call our support centre so an engineer can assist you further.

 

0 Helpful

bert090172
Level 1
Level 1
In response to ktonev

‎05-31-2018 01:17 PM

I am having a very similar issue.

 

When I use a ip address value to remote site for vpn access, all works fine.

 

But when I use a fqdn it fails to make the vpn tunnel it fails to connect.

 

Any help appreciated.

0 Helpful

ktonev
Cisco Employee
Cisco Employee
In response to bert090172

‎06-01-2018 06:17 AM

Hi bert090172,

 

The easiest way to resolve this would be to open a service request so an engineer can check the configuraiton with you.

Here is a link to the TAC frontline: https://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html

0 Helpful

mdbraker
Level 1
Level 1
In response to ktonev

‎06-04-2018 03:12 PM - edited ‎06-04-2018 04:39 PM

 

Solved:

Both the 'Local Identifier Type' and the 'Remote Identifier Type' needs to be the same (Local/Remote FQDN). The setting that didn't work for me was having a 'Local Identifier Type' set to 'Local WAN IP' and the 'Remote Identifier Type' set to 'Remote FQDN'

0 Helpful

catabej@borneo
Level 1
Level 1
In response to mdbraker

‎11-05-2020 11:44 PM

I've done like you described but no luck. VPN only connects when I specify the IP.

Can you please post a screenshot of the config? 

 

thanks 

Cata

0 Helpful

Martin Aleksandrov
Cisco Employee
Cisco Employee
In response to catabej@borneo

‎11-06-2020 02:06 AM

Hello Cata,

 

A successful site-to-site connection requires that at least one of the devices be identifiable by a static IP address or a Dynamic DNS hostname. Best practices recommend using at least one site with static IP address. If you set both ends DDNS none of these services will be able to update changing IPs when and if it happens, so if you would like to try you should be prepared for a few glitches in the connections. The length of downtime would the same it will take for the DDNS service to update. 

 

Regards,

Martin

0 Helpful
Customers Also Viewed These Support Documents