Loosing connection to Easy VPN Server

Unanswered Question

Hi, I am new to Cisco so please bare with me.

I have setup a Cisco 877 as Easy VPN Server with Dynamic IP. The server works perfectly. Our ISP change the IP address every 24 hours which then update my hostname at DynamicDNS. My problem lies with the two Easy VPN Remotes which connect to the Easy VPN Server. They are also Cisco 877 routers. Everytime the Easy VPN Server's IP is changed the Easy VPN Remotes refuse to reconnect. The only way to re-connect is to go into the SDM, edit the VPN without changing anything. Come out and let the SDM run its commands. Even running the clear command from the command prompt doesn't have any effect except changing the Last Event to "connect". Any help will be appreciated.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
bwilmoth Thu, 07/26/2007 - 06:40
User Badges:
  • Silver, 250 points or more

You can specify up to ten servers by IP address or hostname as backup for the Easy VPN server, and order the list to control which servers the router will attempt to connect to first if the primary connection to the Easy VPN server fails.

Add

Click to specify the name or the IP address of an Easy VPN server for the router to connect to when the primary connection fails, and then enter the address or hostname in the window displayed.

Delete

Click to delete a specified IP address or hostname


johnd2310 Thu, 07/26/2007 - 21:21
User Badges:
  • Silver, 250 points or more

hi,


try to enable dead peer detection using "crypto isakmp keepalive" and use hostname in ezvpn config.


thanks

John

Thanks for the replies, but that has all been done. I have finally figured out where my problem is.

On my router I am running a Basic Firewall. The following lines was generated by die SDM for the EzVPN:

permit 41.xxx.xxx.xxx any dest: 10000/udp

Permit 41.xxx.xxx.xxx any dest: non500-

Permit 41.xxx.xxx.xxx any dest: isakmp/

Permit 41.xxx.xxx.xxx any esp

Permit 41.xxx.xxx.xxx any ahp


Because the 41 IP address is Dynamic I need to open the SDM which then create new rules for the new IP address.

In have edit these lines and changed the IP to the host names, apply the changes and then save the changes to the running config. When refreshing the SDM I get the IP's again and not the host name.

How can I ensure the host name gets saved by the SDM and not the IP.

The other possiblility is to do it via the command line, but I don't know the commands, so a url to a document that can give me the commands lines might also help.

Thanks.

Actions

This Discussion