Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1372
Views
0
Helpful
4
Replies

Cannot enter tunnel destination

jazzlim2004
Level 1
Level 1

‎08-24-2011 01:38 AM

Hi,

I have the following:

1. Cisco 877 adsl router x 2

2. Site A using Static IP

3. Site B using Dyn IP

I'm trying to setup VPN using tunnel method but encountered weird problem with this command on Site A router. (But its ok for Site B router)

---------------------------------------------------------------------------------------------

Remote(config-if)#tunnel destination test123.dyndns.org

Translating "test123.dyndns.org"

                                     ^

% Invalid input detected at '^' marker.

----------------------------------------------------------------------------------------------

Do anyone know what;s happening?

Please help me out.

Thank you.

Labels:
0 Helpful
4 Replies 4

clandrai
Cisco Employee
Cisco Employee

‎08-24-2011 02:55 AM

Hello Kim,

The problem seem to be due to the router unable to resolve the name "test123.dyndns.org" - I get similar output when trying this with some unresolvable name.

But regardless of that, this way to configure will not work, because the IOS router will do the DNS resolution once at configuration time, and then store the IP address, as I tested:

router(config)#ip host test123.mydomain.com 10.1.2.3

router(config)#int tunnel1

router(config-if)#tunnel destination test123.mydomain.com

router(config-if)#end

router#sh run int tunnel1

Building configuration...

Current configuration : 68 bytes

!

interface Tunnel1

no ip address

tunnel destination 10.1.2.3

end

It will not be resolved at connection time.

Therefore you will need to configure router A as a dynamic VTI (assuming you were trying to configure static VTI initially), and tunnel will always be initiated from router B.

Here is a link to a configuration guide:

     http://www.cisco.com/en/US/partner/docs/ios-xml/ios/sec_conn_vpnips/configuration/15-1s/sec-ipsec-virt-tunnl.html#GUID-334CA827-6CC6-4743-9DC8-D4F8F31F79B5

Let me know if you need further help.

Cheers,

Chris

0 Helpful

jazzlim2004
Level 1
Level 1
In response to clandrai

‎08-24-2011 07:59 PM

Clandai,

Can you attach or relink the file to me again for the configuration guide? Cos I cannot access it.

Thank you so much

0 Helpful

clandrai
Cisco Employee
Cisco Employee
In response to jazzlim2004

‎08-25-2011 06:48 AM

Hi Kim,

Please try this one (it is essantially the same document):

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t14/feature/guide/gtIPSctm.html

And this:

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6635/prod_white_paper0900aecd803645b5.html

marwanshawi's suggestion to use DMVPN is a good solution too.

With DMVPN you will have to add routing on top of it - it scales better for large networks.

EzVPN with dynamic VTI uses reverse-route injection which should do fine for simpler networks.

Best regards,

Chris

0 Helpful

Marwan ALshawi
VIP Alumni
VIP Alumni

‎08-24-2011 05:26 AM

i think if you you use DMVPN your issue will be resolved

configure SIte A as Hub and Site B as Spoke

site B will register to Site Static IP and then Site A will know about site B IP

se the bellow example

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a008014bcd7.shtml

HTH

if helpful Rate

0 Helpful
Customers Also Viewed These Support Documents