Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
658
Views
0
Helpful
4
Replies

IPSec VPN Between two 880 3G Enabled Routers

Go to solution
sauravcgc
Level 1
Level 1

‎01-20-2009 11:25 PM - edited ‎03-04-2019 12:55 AM

Hi

I have two 880 routers on 3G link and i want to create IPSec Site-Site VPN between the two points.

Is is it possible as 3G links on both the end donot have any static IP.

Regards

Saurav

saurav@cgulfc.com

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
patrickvanham
Level 1
Level 1

‎01-21-2009 12:58 AM

You would need to set up a tunnel between the points, and for that you need the IP addresses. Normally this would be done with fixed addresses, but it may be possible using the hostname of the remote node, if that is fixed. If the name is based on the IP address, which is not unusual, you'd need to contact your provider for a fixed IP address.

It is also possible the provider has disabled intermobile traffic, in that case they cannot directly communicate if in the same APN. Another issue is that they may not allow tunneling unless on a different contract.

What may be best for you is to ask the provider to use a specific APN for machine to machine, as those often allow intermobile traffic, are transparent and are likely to allow fixed addresses.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
patrickvanham
Level 1
Level 1

‎01-21-2009 12:58 AM

You would need to set up a tunnel between the points, and for that you need the IP addresses. Normally this would be done with fixed addresses, but it may be possible using the hostname of the remote node, if that is fixed. If the name is based on the IP address, which is not unusual, you'd need to contact your provider for a fixed IP address.

It is also possible the provider has disabled intermobile traffic, in that case they cannot directly communicate if in the same APN. Another issue is that they may not allow tunneling unless on a different contract.

What may be best for you is to ask the provider to use a specific APN for machine to machine, as those often allow intermobile traffic, are transparent and are likely to allow fixed addresses.

0 Helpful

Go to solution
sauravcgc
Level 1
Level 1
In response to patrickvanham

‎01-21-2009 01:13 AM

Hi Pat

Thanks for your reply. if i get the APN from the sp is it possible.

As i was referring a document which says 3G can used for backup and dyanic ip can be used like dialling configuration.

Thats why i am bit confused.

Regards

Saurav

0 Helpful

Go to solution
patrickvanham
Level 1
Level 1
In response to sauravcgc

‎01-21-2009 04:38 AM

3G is not much different from any other data connection with regards to setting up a tunnel. There are some specifics you need to set up for it to connect to the 3G network itself.

But if you want the two routers to connect to each other with IPsec tunneling they'd need either fixed IP addresses or fixed hostnames which can be resolved to the correct IP. Further, the APN has to allow intermobile traffic and it should preferably be transparent, but allowing IPSec over the APN would work fine as well. Providers generally have a specific APN that fulfill these contitions as machine to machine communications generally require this. The provider should be able to provide you with SIM cards that are provisioned for such an APN.

0 Helpful

Go to solution
sauravcgc
Level 1
Level 1
In response to patrickvanham

‎01-21-2009 04:45 AM

Hi Pat

Thanks for your suggestion. Now i it's clear.

I will check with SP.

Regards

Saurav

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card