VPN connection using dynamic IP

Unanswered Question
Mar 4th, 2007

I have a PIX515 at the main office and 2 remote locations that have static IP address connected via DSL each using a linksys RVO82 to connect to the PIX515. Now I have an another site with dynamic IP. Do I use the same crypto and isakmp commands using isakmp key ******** address netmask no-xauth no-config-mode? I have attached the pix setup for the other VPN connetions


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Kamal Malhotra Sun, 03/04/2007 - 19:22


Yes, you use the same ISAKMP policies and the Crypto Map. All you need to make sure that the remote site with dynamic IP is configured for the same ISAKMP (phase 1) and IPSEC transform set (phase 2) policies and ofcourse the pre shared key has to match.


Please rate if it helps,



servnj Sun, 03/11/2007 - 17:19

Thanks, the problem I am having now is I added access-list nonat permit ip

and access-list 110 permit ip

When I enter the crypto map command I get an error crypto map mymap incomplete. I reloaded the PIX and just added isakmp key ******** address netmask no-xauth no-config-mode. With this I am able to get the tunnel connected. How do I get the crypto map to take or since I have the connection up do I need to enter them in?


This Discussion