I'm transitioning from a Netscreen 50 to an ASA 5510. Trying to re-establish the few VPN tunnels that I have. On the old Netscreen, rather then using a IP address for the far end of the tunnel, it uses a "PeerID" (the other end of the tunnel gets it's IP address DHCP from comcast). Is this functionality available in ASDM? When I run the VPN Wizard, I don't see an option for it, only for IP address. Don't want to use an IP, because it can and does change often.
With a dynamic crypto map the only "identifier" as such is the pre-shared key. With a dynamic crypto map any IP address can attempt a connection to the VPN device but obviously without the pre-shared key it will not authenticate and set up a tunnel.
Hence the security of the tunnel is even more reliant on the pre-shared key.
Yes this functionality is available with the ASA, it is called dynamic crypto maps. Have a look at the following configuration guide and if you still have questions don't hesitate to come back -