Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
500
Views
4
Helpful
8
Replies

VPN with dynamic IP

hardiklodhia
Level 1
Level 1

‎01-15-2007 10:05 PM - edited ‎02-21-2020 02:48 PM

Hello All,

I have 506 e pix at Site.That site is having Adsl router with dynamic IP add provided by ISP for internet access.I want to configure VPN.Pix will be VPN server and remote user will have VPN client software with their laptop/Pc.

Now my question is as site has dynamic IP,is it possible to connect through VPN.

Any workaround ??

Thanks In Advance.

Labels:
0 Helpful
8 Replies 8

5220
Level 4
Level 4

‎01-15-2007 11:22 PM

Hi,

Yes, it is possible. You will specify the ike to use the dns name (isakmp identity).

Configure the name and domain (e.g. pix.isp-domain.com).

Then you need to advise your ISP to register the DNS dynamically to the IP address. Adsl router might as well be able to provide you Dynamic DNS services.

Nevertheless you should ask ISP to provide you static IP, this will simplify the design.

Please rate if this helped.

Regards,

Daniel

0 Helpful

hardiklodhia
Level 1
Level 1
In response to 5220

‎01-16-2007 12:36 AM

Hi Daniel,

I have to configure dns name and domain in pix correct?then in case isp refuse to register the dns dynamically then any other solution ?there is no chance for static ip.

thanks,

0 Helpful

5220
Level 4
Level 4
In response to hardiklodhia

‎01-16-2007 03:32 AM

Hi,

The other solution is either a static ip, or for your ADSL to support Dynamic DNS service.

To find more about DynDNS check:

http://www.dyndns.com/services/dns/dyndns/

Once you done that, you need to specify on the ADSL to forward any incoming traffic on PIX IP, making ADSL transparent.

Please rate if this helped.

Regards,

Daniel

hardiklodhia
Level 1
Level 1
In response to 5220

‎01-16-2007 05:33 AM

Hi,

Thanks for ur reply.pls guide that if anything should be taken care in pix and client configuration.

rgrds,

0 Helpful

5220
Level 4
Level 4
In response to hardiklodhia

‎01-16-2007 10:30 AM

Hi,

On the Cisco VPN client you need to specify the dns string: pix.domain.com.

Nothing special on the PIX.

On the ASL redirect the incoming traffic to the PIX.

Please rate if this helped.

Regards,

Daniel

0 Helpful

hardiklodhia
Level 1
Level 1
In response to 5220

‎01-22-2007 10:17 PM

hi,

how to make adsl router trnsparent.and portforwarding for vpn??which ports to be forwarded>??

thanks ,

0 Helpful

5220
Level 4
Level 4
In response to hardiklodhia

‎01-25-2007 12:23 AM

Hi there,

You can specify the PIX as internal server and thus all the requests that hit ADSL will be forwarded to PIX IP (thus ADSL becomes transparent).

If oyu want port forwarding, you need to forward the ports: UDP 500, UDP 10000, UDP 4500.

It is very important in this case to enable nat transparency on the PIX, so that the IPSEC will use the UDP port 4500 or 10000.

Please rate if this helped.

Regards,

Daniel

0 Helpful

hardiklodhia
Level 1
Level 1
In response to 5220

‎01-26-2007 06:59 AM

Hi,

Thanks again ..

i tried a lot by port forwarding.. but its not working.But i think we also need to specify ESP port 50 to forward that option is not available in adsl router so i am going to change the router.Any other tips...

rgrds,

0 Helpful
Customers Also Viewed These Support Documents