site-to-site VPN Peer(s) with dynamic IP addresses

Unanswered Question
Mar 2nd, 2009

Hi,

I have 2 Cisco 877 routers, both with an ethernet (internal) and ADSL (external) interfaces. The IP address given to the ADSL interface is dynamic, negotiated via PPP to a dialer interface, a configuration from a typical ISP.


Both external dynamic IP addresses are known with a fully qualified domain name via dynamic DNS that I set up already.


Now I would like to set up a VPN between these 2 routers to connect the 2 internal networks together: I set up the VPN using their IP addresses
(crypto policy, crypto transform-set, crypto map) and it works like a charm until I reboot the router and the IP address will change. I need to solve
this using the dynamic DNS names instead, but all my attempts to set up the configuration using the dynamic DNS names failed so far ...


Can you please suggest a configuration sample or a document showing how to configure the VPN using the dynamic DNS names as VPN peers?


Thank you in advance!
Best regards.


Tarik

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Marcos Hernandez Tue, 03/03/2009 - 04:19

We have an app note posted on the subject:

https://supportforums.cisco.com/docs/DOC-9652

It is very good material. We are in the process of updating it to include:

- VPN server in combination with DMVPN

- Correct a couple of typos. One of them is the addition of the following commands:

ip inspect name XXXXX tcp router-traffic

ip inspect name XXXXX udp router-traffic

Thanks,

Marcos Hernandez
Technical Marketing Engineer
Cisco Systems, Inc.

Actions

This Discussion