Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
757
Views
5
Helpful
2
Replies

Site VPN without a static IP

Rex Biesty
Level 1
Level 1

‎11-19-2008 08:29 AM - edited ‎02-21-2020 04:02 PM

Hi. We have a remote site that connects to the internet via a Cisco 1801 Integrated Services router plugged into an ISDN line. Ths line only has dynamically assigned public IPs and I'm wondering if it's possible to create a site VPN back to our head office Pix 515 without a static IP at the remote site. Any pointers would be greatly appreciated.

I should also point out that this site already connects to head office via an ADSL line connected to the 801 with a static IP which is working fine. The ISDN is for backup.

Labels:
0 Helpful
2 Replies 2

Jon Marshall
Hall of Fame
Hall of Fame

‎11-19-2008 09:01 AM

Rex

Yes you can do this. Have a look at the following link -

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080093f86.shtml

If you also have VPN clients coming into the same device you may want to look at this doc as well -

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00801dddbb.shtml

Edit - i forgot to point out. Because you use 0.0.0.0 as the remote IP address to allow dynamic connections that means any remote device could try and setup a tunnel with your pix. Obviously the device won't be able to without the key but it becomes evern more important to use a secure key.

Jon

remi-reszka
Level 1
Level 1
In response to Jon Marshall

‎11-20-2008 09:12 PM

How about using for that EZVPN in NEM? It also should do the job.

0 Helpful
Customers Also Viewed These Support Documents