Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
3216
Views
0
Helpful
0
Comments

How to configure a dynamic-to-static VPN tunnel on the VPN Concentrator

TCC_2
Level 10
Level 10

on ‎06-22-2009 04:37 PM

Core issue

This configuration sets the base group of the VPN Concentrator to accept a pre-shared key. You cannot configure the VPN Concentrator for a LAN-to-LAN tunnel in this scenario because the address is assigned dynamically to the remote device and is not always the same (and might not be known). For this reason, you can only use this configuration with the base group.

Resolution

Complete these steps in order to configure a dynamic-to-static tunnel between the VPN Concentrator and remote device with a dynamic IP address.

The VPN Concentrator is now configured for a dynamic-to-static VPN tunnel.

Note: Configure the remote device for a normal LAN-to-LAN VPN tunnel as it knows the IP address of the VPN Concentrator. Then ensure that the policies match on both sides for Internet Security Association and Key Management Protocol (ISAKMP) and IPsec. In this case, only the remote device is able to bring up the tunnel.


For additional help with screenshots, refer to LAN-to-LAN Tunnels on a VPN 3000 Concentrator with a PIX Firewall Configured for DHCP.

In order to resolve connectivity issues on the VPN Concentrator, refer to Troubleshooting Connection Problems on the VPN 3000 Concentrator.

Labels:
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents