Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
325
Views
0
Helpful
3
Replies

Loosing connection to Easy VPN Server

danie
Level 1
Level 1

‎07-20-2007 03:11 AM - edited ‎02-21-2020 03:10 PM

Hi, I am new to Cisco so please bare with me.

I have setup a Cisco 877 as Easy VPN Server with Dynamic IP. The server works perfectly. Our ISP change the IP address every 24 hours which then update my hostname at DynamicDNS. My problem lies with the two Easy VPN Remotes which connect to the Easy VPN Server. They are also Cisco 877 routers. Everytime the Easy VPN Server's IP is changed the Easy VPN Remotes refuse to reconnect. The only way to re-connect is to go into the SDM, edit the VPN without changing anything. Come out and let the SDM run its commands. Even running the clear command from the command prompt doesn't have any effect except changing the Last Event to "connect". Any help will be appreciated.

Labels:
0 Helpful
3 Replies 3

bwilmoth
Level 5
Level 5

‎07-26-2007 06:40 AM

You can specify up to ten servers by IP address or hostname as backup for the Easy VPN server, and order the list to control which servers the router will attempt to connect to first if the primary connection to the Easy VPN server fails.

Add

Click to specify the name or the IP address of an Easy VPN server for the router to connect to when the primary connection fails, and then enter the address or hostname in the window displayed.

Delete

Click to delete a specified IP address or hostname

0 Helpful

johnd2310
Level 8
Level 8

‎07-26-2007 09:21 PM

hi,

try to enable dead peer detection using "crypto isakmp keepalive" and use hostname in ezvpn config.

thanks

John

**Please rate posts you find helpful**
0 Helpful

danie
Level 1
Level 1

‎08-01-2007 05:40 AM

Thanks for the replies, but that has all been done. I have finally figured out where my problem is.

On my router I am running a Basic Firewall. The following lines was generated by die SDM for the EzVPN:

permit 41.xxx.xxx.xxx any dest: 10000/udp

Permit 41.xxx.xxx.xxx any dest: non500-

Permit 41.xxx.xxx.xxx any dest: isakmp/

Permit 41.xxx.xxx.xxx any esp

Permit 41.xxx.xxx.xxx any ahp

Because the 41 IP address is Dynamic I need to open the SDM which then create new rules for the new IP address.

In have edit these lines and changed the IP to the host names, apply the changes and then save the changes to the running config. When refreshing the SDM I get the IP's again and not the host name.

How can I ensure the host name gets saved by the SDM and not the IP.

The other possiblility is to do it via the command line, but I don't know the commands, so a url to a document that can give me the commands lines might also help.

Thanks.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents