Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
961
Views
5
Helpful
3
Replies

Cisco ASA site to site VPN with 1 side using a dynamic IP

Jasonch518_2
Level 1
Level 1

‎06-03-2008 03:50 PM

I am trying to configure a site to site VPN between 2 ASA 5505 firewalls. The one site has a static IP address, so I refer to that from the other sites IP, and create the tunnel group, but I am unsure on how to refer to the site that has different IP addresses every few months. I was thinking that it would be set with a dynamic peer, but was unable to configure that or know how to. I then used the defaultRAgroup with a pre shared key, but when i do a debug, the error message indicates an xauth failure, is it possible to turn that off?

I am open to ideas and suggestions, thanks for any help.

Labels:
0 Helpful
3 Replies 3

JORGE RODRIGUEZ
Level 10
Level 10

‎06-03-2008 04:55 PM

Take a look at this example link

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00805733df.shtml

HTH

-Jorge

Jorge Rodriguez
0 Helpful

acomiskey
Level 10
Level 10

‎06-03-2008 06:18 PM

Use the defaultL2Lgroup, not RAgroup.

Jasonch518_2
Level 1
Level 1
In response to acomiskey

‎06-04-2008 09:04 AM

Thank you for that comment about the defaultL2Lgroup, that worked perfectly.

0 Helpful
Customers Also Viewed These Support Documents