Creating Site to Site Dynamic VPN

Unanswered Question
Apr 24th, 2008

Is there another secure way of creating dynamic vpn (site to site vpn with static IP on one end and dynamic IP on the other end). I do not feel comfortable allowing any peer to connect.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
JORGE RODRIGUEZ Thu, 04/24/2008 - 21:03

Is not that the dynamic is completely wide opened for any one to connect, it still needs to authenticate the tunnel through wild-card pre-shared keys, I don't see any other way other than have a static IP instead of dynamic at the tunnel termination point on the dynamic side.


Kaoch0824 Fri, 04/25/2008 - 11:31

I totally agree too. I am throwing this question out for inputs. Creating a vpn topology with static IP at one end and the other end dynamic IP, disregarding all the vpn phases and how it negotiates, would it be fair to say this setup is more vulnerable than creating a site to site vpn with static IP on both end?


This Discussion