In order to configure a LAN-to-LAN Virtual Private Network (VPN) tunnel between two routers with dynamic IP addresses, complete these steps apart from the basic configuration:
Configure theset peer dynamiccommand on one side of the tunnel with the use of the static crypto map.
On the remote router, configure thedynamic crypto mapwithout the use of the peer statement.
With the use of theset peer dynamiccommand, the host name of the IP Security (IPsec) peer is resolved througha domain name server (DNS) lookup before the router establishes the IPsec tunnel.
Note:Only a router with a static crypto map can initiate the tunnel with the dynamic DNS resolution of the peer statement.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: