Try looking at an 867VAE.

rbelusko1 · ‎03-28-2016

Hello,

Is it possible to use host names rather than IP addresses to specify the remote tunnel address?

All the research I've done on this comes back to configurations where one host is dynamic and the other is static (dynamic host contacts the static host - makes sense), but nowhere can I find information on a configuration where BOTH ends are dynamic and a host name rather than an IP address is needed in the config file.

Thanks

Bob

Philip D'Ath · ‎03-28-2016

What type and model Cisco device are you referring to? The answer varies based on this.

rbelusko1 · ‎03-29-2016

Philip,

This is a Cisco "1721 10/100 BASE T MODULAR ROUTER".

Thanks

Bob

Aditya Ganjoo · ‎03-28-2016

Hi,

Here is the link for setting up Dynamic to Dynamic VPN tunnel:

http://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-architecture-implementation/118048-technote-ipsec-00.html

Regards,

Aditya

Please rate helpful posts and mark correct answers.

rbelusko1 · ‎03-29-2016

HI Aditya,

I did see the guide you posted but I was only able to get this far:

set peer example-b.cisco.com dynamic

I received an error message when I tried to enter that line. I am using a Cisco 1700 series router.

Thanks

Bob

Philip D'Ath · ‎03-29-2016

You need a recent IOS to get the "dynamic" option, at least 15.x.

I am not confident you can run a new enough IOS on a 1721 to be able to do this. Perhaps you could consider a lower cost replacement option like a Cisco 897 (which does have this capability).

rbelusko1 · ‎03-29-2016

Unfortunately the 897 is a wee bit out of my price range :)

Are their any models that are cheaper with IOS 15?

Thanks

Bob

Philip D'Ath · ‎03-29-2016

Try looking at an 867VAE.

IPSec tunnel - dynamic host to dynamic host (using hostnames rather than IP addresses)