cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
940
Views
5
Helpful
3
Replies

Cisco ASA site to site VPN with 1 side using a dynamic IP

Jasonch518_2
Level 1
Level 1

I am trying to configure a site to site VPN between 2 ASA 5505 firewalls. The one site has a static IP address, so I refer to that from the other sites IP, and create the tunnel group, but I am unsure on how to refer to the site that has different IP addresses every few months. I was thinking that it would be set with a dynamic peer, but was unable to configure that or know how to. I then used the defaultRAgroup with a pre shared key, but when i do a debug, the error message indicates an xauth failure, is it possible to turn that off?

I am open to ideas and suggestions, thanks for any help.

3 Replies 3

JORGE RODRIGUEZ
Level 10
Level 10

acomiskey
Level 10
Level 10

Use the defaultL2Lgroup, not RAgroup.

Thank you for that comment about the defaultL2Lgroup, that worked perfectly.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: