Site to Site vpn UC 500

Unanswered Question
May 22nd, 2009

Hi,

I need to configure site to site vpn using UC 500 , in one side, i have static ip the other end it is dynamic , what is best way to set up a connection using this scenario , EZVPN_GROUP_1 is configured , clients can access the system, but I cannot configure the two UC for communicating each other .


Please advise me what way I can connect these systems.


Regards

Suraj kumar

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
suraj12345 Fri, 05/22/2009 - 07:11

UC 520 in the main site

When I configure using as per the doc

My main site UC is having static ip in WANfor ex xxx.xxx.xxx.xxxx 255.255.255.248

Lan ip is 172.32.0.0 /24

Well the other site

Have Dyanmic ip in wan site

Lan side 192.168.10.0 /24

When I ceate the isakmp policy in the main router having static IP

Crypto isakmp policy 1

Encr 3des

Hash md5

Authentication pre-share

Group2

Crypto isakmp key sbcs address ( the remote site ip is dynamic I have dyndnshostname , but it is not accepting)

What can I do here?

Please advise.

suraj12345 Fri, 05/22/2009 - 10:15

Cisco (config)#Crypto isakmp key sbcs address aaa.dyndns.org

                                                                                     ^

% Invalid input detected at '^' marker.

                                                                              

When I try a host name instead of ip address  the system says invalid input .The host name which I posted is not  a real hostname (just an example).If I put my real hostname also the result is the same.

Steven DiStefano Fri, 05/22/2009 - 10:45

Try Hostname parameter instead?

SBCS-Mobility(config)#crypto isakmp key ?
  0     Specifies an UNENCRYPTED password will follow
  6     Specifies an ENCRYPTED password will follow
  WORD  The UNENCRYPTED (cleartext) user password

SBCS-Mobility(config)#crypto isakmp key key123 ?
  address   define shared key with IP address
  hostname  define shared key with hostname

SBCS-Mobility(config)#crypto isakmp key key123

suraj12345 Fri, 05/22/2009 - 12:11


CISCO(config)#crypto map multisite 1 ipsec-isakmp
% NOTE: This new crypto map will remain disabled until a peer
        and a valid access list have been configured.
CISCO(config-crypto-map)#

Please advise me which acl i have to define her

Actions

This Discussion