Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
271
Views
0
Helpful
1
Replies

Site-to-site VPN

aqswdefrgt
Level 1
Level 1

‎01-19-2006 07:08 PM - edited ‎02-21-2020 02:12 PM

I was wondering if i am able to set up a site-to-site vpn with the remote site using dynamic addressing which is connected to the modem. Does anyone know the answer? Please help...

Labels:
0 Helpful
1 Reply 1

attrgautam
Level 5
Level 5

‎01-19-2006 08:26 PM

Yes it is possible. Your head End should have a static IP while the remote end can have a dynamic IP. Head end should be configured with a dynamic crypto map. But the head end would not be able to trigger connections only the remote site can trigger the tunnel. Sample config at the head end would be

crypto isakmp policy 10

encr 3des

hash md5

authentication pre-share

group 2

crypto isakmp key ********** address 0.0.0.0 0.0.0.0

crypto isakmp keepalive 30

!

crypto ipsec security-association idle-time 60

!

crypto ipsec transform-set test esp-3des esp-sha-hmac

crypto ipsec df-bit clear

!

crypto dynamic-map l2lipsec 10

set transform-set test

match address 124

0 Helpful
Customers Also Viewed These Support Documents