cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to the Cisco Small Business Community

Have a question? Click on a topic board below to get started in the community.
Get the latest news in this issue of the Cisco Small Business Monthly Newsletter

1165
Views
0
Helpful
7
Replies
Highlighted
Beginner

Intersite connectivity with UC560

HI,

I am trying to implement intersite connection with two uc560.I am using dyndns for establishing the connection . Here the problem which I am facing is ,

in first site-(Site A) before UC560 the internect connection is shared with sonicwall TZ200 and on other site(Site-B) there is one broadband router.The connection which I had made over the site is , I had taken LAN connection from both  devices to the WAN port of UC560 and IP address release over the WAN port is in the same range of sonicwall  and broadband router's LAN network. I had configured DDNS account also inside UC560. i am able to ping the dns name from outside world too.but after configuring the multisite establishment prerequesists , I ma not  able to communicate both the sites.

Please suggest me a propoer way for doing the multisite communication with Dyndns account.

Everyone's tags (3)
7 REPLIES 7
Highlighted

Re: Intersite connectivity with UC560

Hello Rinchu,

In the status of the multisite does it shows VPN as up?

In the field of the site you should enter the DNS names not the ip.

Change the ip addresses of the wan port of the UC560 to static and make the UC560 DMZ on the routers in front of the UC.

Also LAN side data vlan of the both UC500 should be different e.g. UC560 site1 - Data vlan - 192.168.10.0, UC560 site2 -data vlan - 192.168.20.0.

You may also change the wan ip netowrk on the both on site 1 - 192.168.1.0, on site b 192.168.2.0.

Best regads,

Alex

Highlighted
Beginner

Re: Intersite connectivity with UC560

Thank u Alex for ur reply...

And if I am establishing  VPN tunnel b/w site to site what will be the next step to connecting two UC560 together?

Because on the first discussion i made the network too complecated.

Please suggest me .....

Regards,

Raj

Highlighted
Hall of Fame Master

Re: Intersite connectivity with UC560

Classic site to site ipsec VPN with dynamic addresses on both sides on Cisco IOS is doable, but not easy, it took myself a long time to get it right.

Once you hace configured dynamic dns you will need to use a special dynamic keywork for the peer in crypto map, and use some kind of large netmask for the shared keys.

One alternative could be easy VPN, but if the 'server' side changes address, that might fail miserably too.

So, either get at least one static address, or be ready to spend a lot of time, or hire a truly smart expert for the job.

Highlighted
Beginner

Re: Intersite connectivity with UC560

I am still continuing with DDNS only and I established VPN between two site with sonicwall. Is UC560 will communicate together behind this VPN? .

Highlighted

Re: Intersite connectivity with UC560

Hello Raj,

If you have connectivity between the two WAN ports of the UC500 over the other VPN then you may try to create multisite VPN when you just enter the WAN address of the other site wan address if it is reachable.

Best regards,

Alex

Highlighted
Hall of Fame Master

Re: Intersite connectivity with UC560

I have seen before that sonicwall VPN doesn't work very good, so you may have problems in doing that.

Anyway if it works, Cisco doesn't need dynamic DNS then.

Highlighted
Beginner

Re: Intersite connectivity with UC560

Hai ,

My attempt for configuring VPN b/w 2 UC's behind Sonicwall got failed and now I established  PPPoE connection in UC560 and I am able to share internet connection  and more over I can access both UC from outside too. But when I am trying to establish my multisite connection , it gets failed and getting a message of

There is an error in the current multisite configuration.  If you would like to try to remove the existing multisite configuration please click the button below.  Otherwise, you cannot proceed with using the multisite manager.

 

A problem was detected in the running configuration that may interfere with a multsite configuration:


A matching NAT ACE is missing for existing crypto ACE


Click Cancel and manually reconcile the configuration, or click Remove Existing Configuration to continue.

Please suggest me to overcome to solve this issue and get VPN estableshed..