Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

EzVPN with CSM

I want to make an EzVPN site-to-site tunnel with CSM. The client side has a private ip address on the WAN interface. My problem is that I can not access the private ip address via the internet. However when I want to set up an EzVPN connection with CSM, the Wizzard needs two peers to do so. Is there a solution for this issue?(the userguide is not conclusive about this)

Cisco Employee

Re: EzVPN with CSM

If you don't have access to one or more of the participating nodes in the VPN, then the technique is to still define those nodes in CSM so they can be used in the VPN definition, however, when it comes time to deploy, choose deploy to file for the nodes which are not accessible. The unreachable devices will still of course need to be configured for the VPN to work and you can use this file deployed on the CSM server to identify what CLI is required on the device for the VPN to work.