Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Site VPN without a static IP

Hi. We have a remote site that connects to the internet via a Cisco 1801 Integrated Services router plugged into an ISDN line. Ths line only has dynamically assigned public IPs and I'm wondering if it's possible to create a site VPN back to our head office Pix 515 without a static IP at the remote site. Any pointers would be greatly appreciated.

I should also point out that this site already connects to head office via an ADSL line connected to the 801 with a static IP which is working fine. The ISDN is for backup.

2 REPLIES
Hall of Fame Super Blue

Re: Site VPN without a static IP

Rex

Yes you can do this. Have a look at the following link -

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080093f86.shtml

If you also have VPN clients coming into the same device you may want to look at this doc as well -

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00801dddbb.shtml

Edit - i forgot to point out. Because you use 0.0.0.0 as the remote IP address to allow dynamic connections that means any remote device could try and setup a tunnel with your pix. Obviously the device won't be able to without the key but it becomes evern more important to use a secure key.

Jon

Community Member

Re: Site VPN without a static IP

How about using for that EZVPN in NEM? It also should do the job.

326
Views
5
Helpful
2
Replies
CreatePlease to create content