05-22-2009 02:14 AM - edited 03-21-2019 01:07 AM
Hi,
I need to configure site to site vpn using UC 500 , in one side, i have static ip the other end it is dynamic , what is best way to set up a connection using this scenario , EZVPN_GROUP_1 is configured , clients can access the system, but I cannot configure the two UC for communicating each other .
Please advise me what way I can connect these systems.
Regards
Suraj kumar
05-22-2009 06:41 AM
Look at Page 3.
05-22-2009 07:11 AM
UC 520 in the main site
When I configure using as per the doc
My main site UC is having static ip in WANfor ex xxx.xxx.xxx.xxxx 255.255.255.248
Lan ip is 172.32.0.0 /24
Well the other site
Have Dyanmic ip in wan site
Lan side 192.168.10.0 /24
When I ceate the isakmp policy in the main router having static IP
Crypto isakmp policy 1
Encr 3des
Hash md5
Authentication pre-share
Group2
Crypto isakmp key sbcs address ( the remote site ip is dynamic I have dyndnshostname , but it is not accepting)
What can I do here?
Please advise.
05-22-2009 09:43 AM
what is the CLI rejection saying exactly?
05-22-2009 10:15 AM
Cisco (config)#Crypto isakmp key sbcs address aaa.dyndns.org
^
% Invalid input detected at '^' marker.
When I try a host name instead of ip address the system says invalid input .The host name which I posted is not a real hostname (just an example).If I put my real hostname also the result is the same.
05-22-2009 10:45 AM
Try Hostname parameter instead?
SBCS-Mobility(config)#crypto isakmp key ?
0 Specifies an UNENCRYPTED password will follow
6 Specifies an ENCRYPTED password will follow
WORD The UNENCRYPTED (cleartext) user password
SBCS-Mobility(config)#crypto isakmp key key123 ?
address define shared key with IP address
hostname define shared key with hostname
SBCS-Mobility(config)#crypto isakmp key key123
05-22-2009 12:11 PM
CISCO(config)#crypto map multisite 1 ipsec-isakmp
% NOTE: This new crypto map will remain disabled until a peer
and a valid access list have been configured.
CISCO(config-crypto-map)#
Please advise me which acl i have to define her
05-24-2009 10:09 AM
You can normalize your config by following the steps in his app note as well:
https://supportforums.cisco.com/docs/DOC-9692
Esentially, the same on as Steve's.
Thanks,
Marcos
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide