Site-To-Site VPN with Dynamic IPs

Unanswered Question
Mar 8th, 2007

am Trying to Create a VPN Site to Site with 2 cisco Routers on a DSL network with Dynamic IPs. I have a 1841 with VPN capabilities IOS and a Cisco 871 with VPN also. Also have 2 FQDN for each site wich updates the IP ( How Could I make the routers Create a Tunnel using the IP address solved with the FQDN. I have tried but it seem to configure the ip address on the startup Config.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
dathom1093 Fri, 03/16/2007 - 11:03

I'll be interested in the answer to this... I have a similar situation between a Cisco ASA 5510 and a Linksys BEFSX41. The Cisco 5510 has a fixed IP address, but the Linksys does not. I'm planning to use the Cisco/Linksys as a replacement for a pair of ZyWall 10 VPN routers. The ZyWall's allow me to specify the FQDN of the dynamic router, but it doesn't seem that the Cisco does. The Cisco solution was recommended by CDW as a replacement for the ZyWall, but if it doesn't have this feature, it's pretty much useless...

dathom1093 Fri, 03/16/2007 - 13:59

Well, it's a step in the right direction. But how do you do this using ASDM? Or if I use the ASDM Startup Wizard for the initial configuration, can I then use the command line to modify the configuration? What happens if I then later use ASDM I lose the modifications made via command line? Seems that allowing the peer to be specified by its FQDN rather than IP address isn't that unusual a requirement (especially if the remote site is connected via broadband). So this capability needs to be in ASDM, if it's not already, so non-expert users take implement it...

esspr2006 Sun, 03/18/2007 - 12:58

It does solve some part of the Problem but I still not able to get the tunnel up.

Do I need to use Crypto map o a Dynamic Crypto map IPSec Policy. Should I also need to set any NAT-T, adjust the Firewall, create any route.

I what interface should I apply it.


This Discussion