06-30-2011 04:19 AM
Hi,
I am 99.9% certain that ASA's do not support the use of dynamic IP's for site-to-site VPNs.
I am using static for the ASA at HQ, but dynamic IP at Branch. (sonicwall)
I need static's at both ends right ?
Thank
Matt
06-30-2011 05:17 AM
Yes, ASA does support dynamic IP for site to site VPN.
At least 1 site needs to have static IP, not both.
Here is a sample configuration for your reference:
ASA having static IP, and the peer having dynamic IP:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807ea936.shtml
Traffic needs to be initiated from the dynamic end (from branch) to establish the VPN tunnel.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community