×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Remote VPN Tunnels with 2 pix 506

Unanswered Question
Jul 7th, 2009
User Badges:

I have two 506 PIX and I am attempting to get a Site-to-site VPN tunnel working.


The main site has a static IP

remote site is DHCP


Now I have the site to site tunnel working with a static config at the main site. The problem I am running into is the remote site is dhcp and the DSL provider they are using changes IP's very week or so. When this happens I have to log into the main site PIX and change the peer IP and isakmp address.


Is there a way i can setup a site to site tunnel with the remote site having a dynamic IP so I do not need to change the config of the PIX every time their IP changes?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
D0nprintup_2 Tue, 07/07/2009 - 10:03
User Badges:

Cool


After reading it I beleive I need to upgrade my main pix to 7.0 code. it is still running 6.3


EDIT


Because I am running 506e I just read where you cannot update to 7. On the older PIX you need to be 515 or higher.


This sucks so I am back to square one.

JORGE RODRIGUEZ Tue, 07/07/2009 - 10:33
User Badges:
  • Green, 3000 points or more

Quote from link bellow PIX 501,PIX 506E, and PIX 520 are not supported in 7.x or above codes, you cannot upgrade these models to version 7. You must either have a PIX515/515E,525,535 for code 7.x or above..


You can still acomplish Static to Dynamic L2L vpn with your current 6.3 codes.. unless you are looking for a specific feature in 7.x then you must upgrade 501 to its upgrade model asa5505.. but again you can do what you need with 6.x.


http://www.cisco.com/en/US/customer/docs/security/pix/pix70/release/notes/pix_70rn.html#wp31988


Regards

Actions

This Discussion