Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
604
Views
0
Helpful
2
Replies

L2L VPN without remote peer IP address

tonymurphy30
Level 1
Level 1

‎11-08-2011 06:59 AM

We have been asked to create a L2L vpn connection to a local government customer.

The remote site cannot provide an external IP address to terminate the VPN on, the only "external" IP address they have is on the 10.x.x.x network. I have to assume that this is to facilitae communication within different authorities, but the network admin does not know how it will cross the rest of the secure network to get out to the internet.

We only require the far end to initiate the VPN link, so if I configured the VPN without a remote peer, would this work? I would assume so, but have always used static peers.

Regards

Tony

Labels:
0 Helpful
2 Replies 2

acomiskey
Level 10
Level 10

‎11-08-2011 08:09 AM

If they initiate the connection then yes it will work but the configuration will vary depending on what you are using. ASA?

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to acomiskey

‎11-08-2011 09:20 AM

Tony

What you describe is very similar to the situation where you are setting up a site to site VPN and one of the peers has a DHCP address. This is supported and does work. In general the key thing is to create a dynamic map entry which allows your device to accept a connection initiated from the remote device when your device does not already know the address of the remote peer. Assuming that the traffic from the remote device does get through their infrastructure and through whatever firewalls they may have without any issues (and without any changes) then it should work ok for you.

HTH

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents