Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX VPN: Dynamic to dynamic ip

Hi guys, can we implement vpn on PIX with dynamic to dynamic ip? If have, can give me a link to configure it.

Thanks

6 REPLIES

Re: PIX VPN: Dynamic to dynamic ip

Not sure of it's possible, as it normally need one end to have static IP.

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00805733df.shtml

http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration_example09186a0080094680.shtml

There's a feature called DMVPN for dynamic VPN connectivity, but only for routers.

HTH

AK

Re: PIX VPN: Dynamic to dynamic ip

Yes, this is possible.

use one of the Remote access VPN setups and use a DynDNS client to update your VPN Servers IP address to a DNS entry.

example configurations:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/prod_configuration_examples_list.html

suggested setup:

How to Configure the Cisco VPN Client to PIX with AES:

http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration_example09186a00801e71c0.shtml

DynDNS Software:

http://www.no-ip.com/

http://www.no-ip.com/downloads.php

sincerely

Patrick

Re: PIX VPN: Dynamic to dynamic ip

BTW, do you mean dynamic VPN for site-to-site, or remote access?

For remote access (by vpn client), this is possible & common. For site-to-site, this is rare.

HTH

AK

New Member

Re: PIX VPN: Dynamic to dynamic ip

I'm going to implement site-to-site vpn with pix, Both site A & B using dynamic ip, i can do that with linksys router using no-ip, but not sure with pix-to-pix because so far what i know pix using ip address to set the peer and receive the peer, eg.

pixA

isakmp key ******** address 0.0.0.0 netmask 0.0.0.0

pixB

crypto map mymap 10 set peer 200.x.x.x

isakmp ket ******** address 200.x.x.x

Not sure if can replace address with domain name instead :) he..he..he

Thanks

Re: PIX VPN: Dynamic to dynamic ip

No, you cannot replace the IP by a DNS name.

New Member

Re: PIX VPN: Dynamic to dynamic ip

Alright guys, thanks for the info.

347
Views
12
Helpful
6
Replies
CreatePlease login to create content