I need to create a site to site VPN, but there is one caveat: one end will have a dynamic external interface IP address.
BESIDES DMVPN, is there another way of working around that?
How can I get the two routers to establish an IPSec tunnel betwen them if one router does not know how to reach the other? How can IKE phase 1 create an SA?
Someone mentioned certificates as a solution, but I am not sure I understand how this helps.