Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

l2l vpn with fqdn instead of ip addresses

Hi,

I want to establish site-to-site vpn on a Cisco ASA 5510. I have one problem. One of the sites does not have a static IP address. Can I use the FQDN (asa.company.com) of the ASA on that site?

Thanks for any help

  • Other Security Subjects
1 REPLY
Silver

Re: l2l vpn with fqdn instead of ip addresses

Could you please create a separate match address ACL on the ASA and PIX to apply to the crypto map (without the unnecessary addresses and permit esp any any) and let me know how it goes? And also Could you please remove the crypto maps and isakmps from the outside interfaces, remove the "permit esp any any" lines from the match address ACLs, and reapply the crypto maps and isakmps.

173
Views
0
Helpful
1
Replies
This widget could not be displayed.