Cisco ASA site to site VPN with 1 side using a dynamic IP

Unanswered Question
Jun 3rd, 2008
User Badges:

I am trying to configure a site to site VPN between 2 ASA 5505 firewalls. The one site has a static IP address, so I refer to that from the other sites IP, and create the tunnel group, but I am unsure on how to refer to the site that has different IP addresses every few months. I was thinking that it would be set with a dynamic peer, but was unable to configure that or know how to. I then used the defaultRAgroup with a pre shared key, but when i do a debug, the error message indicates an xauth failure, is it possible to turn that off?

I am open to ideas and suggestions, thanks for any help.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
acomiskey Tue, 06/03/2008 - 18:18
User Badges:
  • Green, 3000 points or more

Use the defaultL2Lgroup, not RAgroup.

Jasonch518_2 Wed, 06/04/2008 - 09:04
User Badges:

Thank you for that comment about the defaultL2Lgroup, that worked perfectly.


This Discussion