l2l vpn with fqdn instead of ip addresses

Unanswered Question
Nov 15th, 2007
User Badges:


I want to establish site-to-site vpn on a Cisco ASA 5510. I have one problem. One of the sites does not have a static IP address. Can I use the FQDN (asa.company.com) of the ASA on that site?

Thanks for any help

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ebreniz Wed, 11/21/2007 - 12:01
User Badges:
  • Silver, 250 points or more

Could you please create a separate match address ACL on the ASA and PIX to apply to the crypto map (without the unnecessary addresses and permit esp any any) and let me know how it goes? And also Could you please remove the crypto maps and isakmps from the outside interfaces, remove the "permit esp any any" lines from the match address ACLs, and reapply the crypto maps and isakmps.


This Discussion