Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
761
Views
0
Helpful
2
Replies

Site-to-Site VPN Using Two (2) Firepower 1010s

Go to solution
Shahir Ahang
Level 1
Level 1

‎09-22-2023 03:14 PM

I've had to replace two ASA 5506 firewalls with Firepower 1010 that had a VPN tunnel between them connecting two sites. Once site has a static IP address and the other has a dynamic IP address which was required for RDS, site-to-site VPN and other connectivity. Besides the site-to-site VPN, all other requirements are gone, and I am wondering if I can do site-to-site VPN with the two Firepower 1010s without a static IP address. If so, can someone also point me to where this is documented. I have only found articles like this:

https://www.petenetlive.com/kb/article/0001681

 

which is not exactly my use case. I am seeing a Dynamic endpoint type in the VPN wizard in FDM (attached) but all articles I have seen references a static endpoint. Any assistance would be appreciated.

Labels:
Preview file
169 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Pavan Gundu
Cisco Employee
Cisco Employee

‎09-23-2023 11:17 PM

At least one side should have a static public IP / static public NATed IP. Both cannot be dynamic IP's.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Pavan Gundu
Cisco Employee
Cisco Employee

‎09-23-2023 11:17 PM

At least one side should have a static public IP / static public NATed IP. Both cannot be dynamic IP's.

0 Helpful

Go to solution
Shahir Ahang
Level 1
Level 1

‎09-25-2023 06:45 AM

@Pavan Gundu - Thank you for your response. I do appreciate it.

0 Helpful
Customers Also Viewed These Support Documents