Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
291
Views
0
Helpful
2
Replies

Dynamic VPN, Site-2-site-VPN

sohaildxbfze
Level 1
Level 1

‎12-28-2008 09:10 PM

Hi all,

m new to vpn, can any1 explain the diff. b/w dynamic vpn & site-2-site vpn, & things that shld be taken care of.

m trying to create a dynamic vpn b/w remote & my secure computing SG720 FW.

topology is

SG720(remote)--PIX515--SG720(local)

i have SG720 with public IP @ HQ.

PIX 515 in remote site which has PAT pool when it goes to HQ.

behind that PIX 515 i have SG720 for that customer. SG720 @ both ends just show phase 1 only.

Any help?????/

Labels:
0 Helpful
2 Replies 2

andrew.prince
Level 10
Level 10

‎12-29-2008 08:16 AM

Dynamic VPN - is when one end of the VPN is unkown, e.g no static IP address. Also you do not know the remote end IP subnet for the encryption domain - so this is learnt at time of VPN creation.

Site-2-Site is typically when you have 2 devices with static IP addresses. You also know the IP subnets at both sites, and configure the encryption domains accodringly.

HTH>

0 Helpful

Brent Rockburn
Level 2
Level 2

‎12-29-2008 12:03 PM

I may be completely wrong here .. but I don't think a pix 515 can participate in a DMVPN. For a DMVPN to work you'll need to use GRE/IPSEC.

This will enable you to use routing protocols and NHRP.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents