VPN L2L with dynamic IP on one side

Unanswered Question
Jul 5th, 2007

Hi all,

I have a ASA5505 and a Linksys router with a dynamic IP address and when the router try to connect the VPN it always end on the DefaultRAGroup and not the DefaultL2LGroup.

It was supposed to end in the L2L, the one configured and with the right pre-shared key.

I'm running 7.2.2 and 8.0.2.

I have a lot of configs like those with PIX 6.x.x and they all work great but with this one...


Rui Cordeiro

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
acomiskey Thu, 07/05/2007 - 12:03

I have this same issue. It keeps attempting the RA group. After trying for about 8-10 minutes it will finally use the L2L group and bring up the tunnel.

Have you tried an extended ping to bring up the tunnel and give it about 10 minutes?

I'm not saying that is the solution I am just curious if anyone else sees the same behavior.

I also tried the following command with no luck, tunnel-group-map default-group DefaultL2LGroup, have you tried this?

rcordeiro Thu, 07/05/2007 - 12:16


No luck with that command also... and it seems that the 10 minutes rule isn't working...

mapc3637ma Wed, 07/25/2007 - 05:35

Ha have the same problems, if you can solve the promblems yet, I am very interestint in know what is the solution.

Can you help ME

rcordeiro Wed, 07/25/2007 - 23:40

Sorry, I had no luck and tried all the things I could think of...

My client changed to fixed IP and all went well.

I advise you to open a case in TAC, maybe they can give you a solution...

Best of luck and if you get a solution post it.


This Discussion