×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Help on Site-to-Site IPsec VPN

Unanswered Question
Aug 25th, 2014
User Badges:

I would like to create a site-to-site IPSec VPN on Cisco 1941 router.

1. What license do i need for the routers (k9 or sec/k9)?

2. Do I need static public IP addresses for all of the sites?

3. Is there a limit on the number of sites?

 

Thanks in advance for your help.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
michael o'nan Mon, 08/25/2014 - 19:41
User Badges:
  • Silver, 250 points or more

You will need sec/k9 for VPN. It could be easier with static addresses or at least one site as static. Others can be dynamic and you will be required to use a dynamic crypto map. You will be limited to your hardware (not sure of the number) but you could look into DMVPN and see if that would be a better fit for your needs.

nkarthikeyan Tue, 08/26/2014 - 04:12
User Badges:
  • Gold, 750 points or more

Hi,

Please find the answers for your queries.

1. What license do i need for the routers (k9 or sec/k9)?

Ans: You need to update with Security Technology Package License (SL-19-SEC-K9(=) / L-SL-19-SEC-K9= )

2. Do I need static public IP addresses for all of the sites?

Ans: You have options... If you have hub site and all other spoke sites connecting to it... you can have a static address at your hub site and other sites you can have dynamic ip address for peer.

3. Is there a limit on the number of sites?

Ans: Yes, there should be some limit on the VPN peers.

 

Regards

Karthik

Actions

This Discussion