02-27-2013 09:52 AM
Hi,
can you help me to change peer ip address in site to site VPN. How can i remove and add new peer ip address in existing tunnel.
Please give me command that i can use and do it.
thanks,
02-27-2013 10:01 AM
Hi,
You dont mention if we are talking about an ASA firewall or perhaps even a router.
In general on ASA / PIX firewall side you would probably
Remove the old "tunnel-group" configurations and create new ones with different peer IP address
You would also remove the old "crypto map
- Jouni
02-27-2013 10:07 AM
but i made configuration on router
crypto map nikunj123 ipsec-isakmp
set peer 10.260.32.63
set security-association lifetime seconds 28800
set transform-set 3des-sha
set pfs group2
match address patel_brohters
I want to replace that 10.260.32.63 with new 10.260.32.78
can you provide me command?
thanks for reply
02-27-2013 10:10 AM
i think i have go with
no crypto map nikunj123 ipsec-isakmp
than i have to create again
crypto map nikunj123 ipsec-isakmp
set peer 10.260.32.78
set security-association lifetime seconds 28800
set transform-set 3des-sha
set pfs group2
match address patel_brohters
m i right?
02-27-2013 10:13 AM
Hi,
I guess that might be one option or just removing and replacing the old peer.
There should also be a configuration line that defines the PSK/Pre-Shared-Key for the L2L VPN connection that also includes the old peer IP address.
- Jouni
02-27-2013 10:22 AM
no crypto map nikunj123 ipsec-isakmp
from this command i can remove cyprot map. am i right?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide