Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

site-to-site VPN Peer(s) with dynamic IP addresses

Unanswered Question
Mar 2nd, 2009
User Badges:


I have 2 Cisco 877 routers, both with an ethernet (internal) and ADSL (external) interfaces. The IP address given to the ADSL interface is dynamic, negotiated via PPP to a dialer interface, a configuration from a typical ISP.

Both external dynamic IP addresses are known with a fully qualified domain name via dynamic DNS that I set up already.

Now I would like to set up a VPN between these 2 routers to connect the 2 internal networks together: I set up the VPN using their IP addresses
(crypto policy, crypto transform-set, crypto map) and it works like a charm until I reboot the router and the IP address will change. I need to solve
this using the dynamic DNS names instead, but all my attempts to set up the configuration using the dynamic DNS names failed so far ...

Can you please suggest a configuration sample or a document showing how to configure the VPN using the dynamic DNS names as VPN peers?

Thank you in advance!
Best regards.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Marcos Hernandez Tue, 03/03/2009 - 04:19
User Badges:
  • Blue, 1500 points or more

We have an app note posted on the subject:


It is very good material. We are in the process of updating it to include:

- VPN server in combination with DMVPN

- Correct a couple of typos. One of them is the addition of the following commands:

ip inspect name XXXXX tcp router-traffic

ip inspect name XXXXX udp router-traffic


Marcos Hernandez
Technical Marketing Engineer
Cisco Systems, Inc.


This Discussion