Terminating dynamic vpns on asa 5510

Unanswered Question
Oct 7th, 2008
User Badges:


We are interested in our comapny to implement dynamic vpns because we have many remote branches (20 of them).

At the moment we have site to site vpns with all the remote sites ( start topology ). The remote sites are equiped with asa 5510 which terminates the vpn.

Is the asa capable of implementing dynamic vpn ?

or we need to install a 2800 router in front?

If we terminate the vpns on the 2800 router then traffic from the router to asa will not be encrypted, hence it is a security concern!!

What is your advice?

Thasnk you in advance!!!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ajagadee Tue, 10/07/2008 - 09:02
User Badges:
  • Cisco Employee,


Yes, it is possible to possible to terminate dynamic VPN on the ASA. Please refer the below URL for details:





** Please rate all helpful posts **

michalis1234 Tue, 10/07/2008 - 10:44
User Badges:

We need to initiate traffic between remote sites as well, such as telephone calls between 2 remote sites.

In the urls you sent me it is mentioned that:

"The PIX can initiate connections to the router, but the router cannot initiate connections to the PIX".

With this senario are we able to do that ?

paulmh1973 Mon, 10/20/2008 - 02:44
User Badges:

These examples (like all other which I found) are for ASA 7.x; which looks very different from the current (8.0) software...

If someone has gotten this to work on 8.0 I am more then interested...

Best regards,



This Discussion