DMVPN - Default Gateway - DHCP public address at remote
I installed a Cisco 831 router this afternoon and I had a lot of trouble getting the thing to work.
The remote location is served by a cable company ISP (ComCast) and they are delivering me a dynamic ?public? IP address.
As such, I will not know the IP address of the gateway router unless I determine the IP address and mask that they assign me and then calculate the ?gateway address?.
When I originally configured the 831 I used the following ?routing? statements, expecting the router to send all traffic out the public interface:
ip route 0.0.0.0 0.0.0.0 Ethernet1
ip route *omitted my /21 public supernet* Ethernet1
That did not work.
In order to get the router to actually talk to the head end and negotiate IPSEC and create the tunnel, I had to change the routing statements to:
ip route 0.0.0.0 0.0.0.0 188.8.131.52
ip route *omitted my /21 public supernet* 184.108.40.206
I used the show interface Ethernet1 command to determine the DHCP address and subnet mask that had been assigned to me (in this case the default gateway turned out to be 220.127.116.11).
As soon as I made the changes to the routing statements the tunnel came up, GRE traffic updated and everything works fine.
How can I get around this, since it makes no sense to use dynamic IP addresses if I have to manually configure the gateway?
Our ISP has assigned this remote location DHCP address from several different and very diversified address blocks over the last 3 months (18.104.22.168 /20, 22.214.171.124 /23 and now 126.96.36.199 /23). Obviously the gateway address changes each time they assign me an address from a different block.
I have attached the entire remote site running config as it stands right now (it is up and working ? but if the dynamic address and the gateway changes, it will go down).
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :