05-22-2009 02:14 AM - edited 03-21-2019 01:07 AM
Hi,
I need to configure site to site vpn using UC 500 , in one side, i have static ip the other end it is dynamic , what is best way to set up a connection using this scenario , EZVPN_GROUP_1 is configured , clients can access the system, but I cannot configure the two UC for communicating each other .
Please advise me what way I can connect these systems.
Regards
Suraj kumar
05-22-2009 06:41 AM
Look at Page 3.
05-22-2009 07:11 AM
UC 520 in the main site
When I configure using as per the doc
My main site UC is having static ip in WANfor ex xxx.xxx.xxx.xxxx 255.255.255.248
Lan ip is 172.32.0.0 /24
Well the other site
Have Dyanmic ip in wan site
Lan side 192.168.10.0 /24
When I ceate the isakmp policy in the main router having static IP
Crypto isakmp policy 1
Encr 3des
Hash md5
Authentication pre-share
Group2
Crypto isakmp key sbcs address ( the remote site ip is dynamic I have dyndnshostname , but it is not accepting)
What can I do here?
Please advise.
05-22-2009 09:43 AM
what is the CLI rejection saying exactly?
05-22-2009 10:15 AM
Cisco (config)#Crypto isakmp key sbcs address aaa.dyndns.org
^
% Invalid input detected at '^' marker.
When I try a host name instead of ip address the system says invalid input .The host name which I posted is not a real hostname (just an example).If I put my real hostname also the result is the same.
05-22-2009 10:45 AM
Try Hostname parameter instead?
SBCS-Mobility(config)#crypto isakmp key ?
0 Specifies an UNENCRYPTED password will follow
6 Specifies an ENCRYPTED password will follow
WORD The UNENCRYPTED (cleartext) user password
SBCS-Mobility(config)#crypto isakmp key key123 ?
address define shared key with IP address
hostname define shared key with hostname
SBCS-Mobility(config)#crypto isakmp key key123
05-22-2009 12:11 PM
CISCO(config)#crypto map multisite 1 ipsec-isakmp
% NOTE: This new crypto map will remain disabled until a peer
and a valid access list have been configured.
CISCO(config-crypto-map)#
Please advise me which acl i have to define her
05-24-2009 10:09 AM
You can normalize your config by following the steps in his app note as well:
https://supportforums.cisco.com/docs/DOC-9692
Esentially, the same on as Steve's.
Thanks,
Marcos
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: