Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Cisco Support Community site will be in read only mode on Dec14, 2017 from 12:01am PST to 11:30am for standard maintenance. Sorry for the inconvenience.

New Member

Site to Site VPN. ISP Change Issue

Hi All,

I have site to site vpn established with one of my client office. The client is changing their ISP now.

I am wondering whether I need to delete the existing site to site vpn and recreate a new one with their new public IP address or do I just need to change the existing peer public IP with the new IP they are changing to.

Also can someone let me know, what command should I use to delete the existing site to site vpns

I am using Cisco PIX 515 with 7.2 OS running

Thanks,

Chandru

1 REPLY

Re: Site to Site VPN. ISP Change Issue

Hi Chandru

Since tunnel-group name must match the peer IP, you should delete the tunnel-group and re-create it with the new peer IP.

Only entry is the peer IP entry in cryptomaps to change, no need to start from scratch. So what you have to do is...

1)Copy and paste your tunnel-group contents to a notepad, change the name to new address, type "clear tunnel-group oldIP" or "clear config tunnel-group oldIP" or "no tunnel-group oldIP". Then paste the modified entry in notepad.

2)Change the peer IP in cryptomap entry

no crypto map outside_map xxx set peer oldIP

crypto map outside_map xxx set peer newIP

If you like, post your current config and new IP of remote peer, and let me suggest you the exact changes

Regards

199
Views
0
Helpful
1
Replies
CreatePlease to create content