08-25-2014 06:22 AM - edited 02-21-2020 07:47 PM
I would like to create a site-to-site IPSec VPN on Cisco 1941 router.
1. What license do i need for the routers (k9 or sec/k9)?
2. Do I need static public IP addresses for all of the sites?
3. Is there a limit on the number of sites?
Thanks in advance for your help.
08-25-2014 07:41 PM
You will need sec/k9 for VPN. It could be easier with static addresses or at least one site as static. Others can be dynamic and you will be required to use a dynamic crypto map. You will be limited to your hardware (not sure of the number) but you could look into DMVPN and see if that would be a better fit for your needs.
08-26-2014 04:12 AM
Hi,
Please find the answers for your queries.
1. What license do i need for the routers (k9 or sec/k9)?
Ans: You need to update with Security Technology Package License (SL-19-SEC-K9(=) / L-SL-19-SEC-K9= )
2. Do I need static public IP addresses for all of the sites?
Ans: You have options... If you have hub site and all other spoke sites connecting to it... you can have a static address at your hub site and other sites you can have dynamic ip address for peer.
3. Is there a limit on the number of sites?
Ans: Yes, there should be some limit on the VPN peers.
Regards
Karthik
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide