Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
769
Views
0
Helpful
4
Replies

Cisco 2821 IPSec, can i use a dyndns name as 'set peer'? Dynamic IP IPSec?

jasonhumes
Level 1
Level 1

‎03-13-2006 11:00 AM - edited ‎02-21-2020 02:18 PM

Hi

I've got a Linksys Rv042 at a remote site, connected to a standard DSL service (dynamic public IP address) and I've got that RV042 setup to do Dynamic DNS and to also do an IPSec VPN back to my main office which is running an 2821 on a static public ip address. I've got the vpn setup and working between these two devices, but whenever the IP address at the remote site (RV042) changes, the VPN has to be reconfigured on the 2821 (really just the 'set peer' field in the crypto map)....is there anyway to have the 2821 use the dynamic dns name rather than the ip address? I've tried the 'set peer name' in the crypto map, but it does a dns lookup immediately and then populates set peer with the current ip, and then never looks up that name again. Is there any way to do this? Thanks.

Jason Humes

Labels:
0 Helpful
4 Replies 4

froggy3132000
Level 3
Level 3

‎03-13-2006 04:55 PM

No, you have to do somehting like this:

crypto isakmp key cisco123 address 0.0.0.0 0.0.0.0

0 Helpful

panlamture
Level 1
Level 1
In response to froggy3132000

‎03-15-2006 08:55 PM

Hi Froggy,

from above command, the request from any IP address which will be accepted, but what should we put the 'Set peer' ip address. Becoz as per the above case notes the ip address of Linksys router is changing all the time.

Please give more info. as I am also having same senario with me....

0 Helpful

schlemmer
Level 1
Level 1
In response to panlamture

‎03-24-2006 02:40 AM

Hi,

you have to configure the "dynamic" keyword in the crypto map after the dns-name of the remote peer.

Example:

set peer myname.dyndns.org dynamic

BUT:

we have currently a problem with the dyndns updates and the cryptop map. Maybe it is a problem, because we have Dynamic Ip Addresses on both sides. But give the example above a try, i don't know if it works finde when one site is static ip addressed.

0 Helpful

froggy3132000
Level 3
Level 3
In response to schlemmer

‎03-24-2006 06:05 AM

I am running 12.3, I believe this command is only available in 12.4 I could be wrong though.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents