Cisco Support Community
Community Member

Loosing connection to Easy VPN Server

Hi, I am new to Cisco so please bare with me.

I have setup a Cisco 877 as Easy VPN Server with Dynamic IP. The server works perfectly. Our ISP change the IP address every 24 hours which then update my hostname at DynamicDNS. My problem lies with the two Easy VPN Remotes which connect to the Easy VPN Server. They are also Cisco 877 routers. Everytime the Easy VPN Server's IP is changed the Easy VPN Remotes refuse to reconnect. The only way to re-connect is to go into the SDM, edit the VPN without changing anything. Come out and let the SDM run its commands. Even running the clear command from the command prompt doesn't have any effect except changing the Last Event to "connect". Any help will be appreciated.


Re: Loosing connection to Easy VPN Server

You can specify up to ten servers by IP address or hostname as backup for the Easy VPN server, and order the list to control which servers the router will attempt to connect to first if the primary connection to the Easy VPN server fails.


Click to specify the name or the IP address of an Easy VPN server for the router to connect to when the primary connection fails, and then enter the address or hostname in the window displayed.


Click to delete a specified IP address or hostname

Re: Loosing connection to Easy VPN Server


try to enable dead peer detection using "crypto isakmp keepalive" and use hostname in ezvpn config.



Community Member

Re: Loosing connection to Easy VPN Server

Thanks for the replies, but that has all been done. I have finally figured out where my problem is.

On my router I am running a Basic Firewall. The following lines was generated by die SDM for the EzVPN:

permit any dest: 10000/udp

Permit any dest: non500-

Permit any dest: isakmp/

Permit any esp

Permit any ahp

Because the 41 IP address is Dynamic I need to open the SDM which then create new rules for the new IP address.

In have edit these lines and changed the IP to the host names, apply the changes and then save the changes to the running config. When refreshing the SDM I get the IP's again and not the host name.

How can I ensure the host name gets saved by the SDM and not the IP.

The other possiblility is to do it via the command line, but I don't know the commands, so a url to a document that can give me the commands lines might also help.


CreatePlease to create content