VPN connection with dyn IP

Unanswered Question
Jun 19th, 2007
User Badges:

Hi there,

Is it possible to open a VPN Tunnel from an ASA to PIX but the PIX has a dynamic IP address?

We have some Branch offices using BT Broadband to log in to our network via VPN. Now the company wants to open VPN connections from our Headquarter to the Branches. Is that possible but I couldn't found a command in the comand reference doc.


thanks in advance

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Hi Juergenrieger


This is not possible, you just need to configure the Remote PIX with the address

of the Central PIX, but on the Central PIX you would need to set the ISAKMP peer

with 0.0.0.0 netmask 0.0.0.0.


isakmp key address 0.0.0.0 netmask 0.0.0.0 (Central site)

isakmp key address netmask 255.255.255.255


The remote PIX must initiate the connection as this knows about the PEER where the

Central site does not, this has been configured to dynamically accept connections from anywhere knowing the wild-card pre-shared key.


Regards MJ

Actions

This Discussion