Terminating dynamic vpns on asa 5510

Unanswered Question
Oct 7th, 2008


We are interested in our comapny to implement dynamic vpns because we have many remote branches (20 of them).

At the moment we have site to site vpns with all the remote sites ( start topology ). The remote sites are equiped with asa 5510 which terminates the vpn.

Is the asa capable of implementing dynamic vpn ?

or we need to install a 2800 router in front?

If we terminate the vpns on the 2800 router then traffic from the router to asa will not be encrypted, hence it is a security concern!!

What is your advice?

Thasnk you in advance!!!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
michalis1234 Tue, 10/07/2008 - 10:44

We need to initiate traffic between remote sites as well, such as telephone calls between 2 remote sites.

In the urls you sent me it is mentioned that:

"The PIX can initiate connections to the router, but the router cannot initiate connections to the PIX".

With this senario are we able to do that ?

paulmh1973 Mon, 10/20/2008 - 02:44

These examples (like all other which I found) are for ASA 7.x; which looks very different from the current (8.0) software...

If someone has gotten this to work on 8.0 I am more then interested...

Best regards,



This Discussion