Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
777
Views
0
Helpful
1
Replies

Changin peer IP in on VPN tunnel config

Syed Azam
Level 1
Level 1

‎10-25-2012 01:13 PM

                  Hi,

any suggesion how can we change the peer ip on vpn tunnel any command or config.

have site to site vpn tunnel with two company. one company wants to replace their firewall so on our end we have been ask to do only IP change with new peer IP.

Have no clue its my 3rd day of new job.

would appreciate help.

Labels:
0 Helpful
1 Reply 1

Javier Portuguez
Level 9
Level 9

‎10-25-2012 01:20 PM

Hi Syed,

On the ASA and IOS Routers this change is made under the crypto map settings as following:

crypto map mymap 10

no set peer old_ip_address

set peer new_ip_address

However there are some specific commands:

ASA 8.3 and earlier:

tunnel-group new_IP_address type ipsec-l2l

tunnel-group new_IP_address ipsec-attributes

     pre-shared-key xxxxx

ASA 8.4 and above:

tunnel-group new_IP_address type ipsec-l2l

tunnel-group new_IP_address ipsec-attributes

    ikev1 pre-shared-key xxxxx

On IOS you need to update the pre-shared-key as well:

crypto isakmp key 0 xxxxx address new_IP_address no-xauth

HTH.

Portu.

Please rate any helpful posts


0 Helpful
Customers Also Viewed These Support Documents