×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

site to site VPN behind internet modems

Unanswered Question
Jan 29th, 2014
User Badges:
  • Cisco Employee,

Hi all,


I have a question and I am quite lost, not sure if this is a possible thing to do.


My idea is to create a site to site VPN between two routers at home (one in my workplace home and the other in my holidays/mum home), the edge internet routers/modems should be transparent and traffic between normal devices ( home Wifi network) should work as ususal. I'd need to connect my workplace home network/computer when I am in my holiday's home.


Not sure if I have been entirely clear, but is there a hardware for doing this, like simple routers or  ASA/router can easy do this?


Thanks,


Juan

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Azubuike Obiora Thu, 01/30/2014 - 11:42
User Badges:

Hi Joan,


First of I would like to ask? when your device connects to the internet from your ISP do you get your IP address via dhcp or you have a static ip address on your router?


With a static IP you can achieve this without issues either using Router or ASA.


With dhcp sourced address! It might be a bit of an issue. Truth is I have never configured L2L vpn with a dhcp address on the router or firewall. To the best of my knowledge most vpn configuration are best with static IP address on your edge devices. For consistency sake. So if you do get your IP via dhcp....I'll advice you get statics to make it easy for you.


Thanks

Teddy

mfurnival Fri, 01/31/2014 - 08:35
User Badges:
  • Silver, 250 points or more

Juan,


This can be done with pretty much any Cisco router - here is a guide to get you started:

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a008009448f.shtml


It is not particularly easy if you are a Cisco novice but there are lots of guides out there on the internet.


And I would not worry too much about having a static IP address - you can use free dynamic dns services such as dyndns to overcome the limitations of DHCP allocated IP from your ISP.

Actions

This Discussion