Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Change site to site peer

I have set up a site to site vpn between my corporate 5510 and a new 5510 for a remote office. I set a test public IP on the remote 5510 and used that IP for the peer address on the tunnel.

When I receive the permanent IP from the ISP for the remote 5510 is there a way to change the peer IP on the corporate 5510? So I don't have to recreate it?

6 REPLIES

Re: Change site to site peer

Simply remove it-

no crypto map map1 20 set peer 192.168.50.100

Then re-enter with the correct IP-

crypto map map1 20 set peer 75.50.95.72

Hope that helps.

Bronze

Re: Change site to site peer

Hi Collin,

While that seems simple - just curious if that will also reset the related L2L statements needed for the site-to-site?

Will doing this:

no crypto map map1 20 set peer 192.168.50.100

crypto map map1 20 set peer 75.50.95.72

Change these statements?

tunnel-group 192.168.50.100 type ipsec-l2l

tunnel-group 192.168.50.100 ipsec-attributes

pre-shared-key *

Thanks,

Jim

Re: Change site to site peer

Nope. You may get an error saying that the crypto map will be incomplete until you add a peer, but it will not remove the L2L settings.

Bronze

Re: Change site to site peer

Thanks. When you add in the new peer will it change the L2L statements automatically for you (or automatically create new ones corresponding to the new IPs)?

Hope that makes sense.

Jim

Re: Change site to site peer

I know what you mean and unfortunately it does not. We had some sites that changed frequently and it was pain to maintain.

Bronze

Re: Change site to site peer

Thank you, Collin. Appreciate all your help.

134
Views
5
Helpful
6
Replies
CreatePlease to create content