Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Site to Site vpn UC 500

Hi,

I need to configure site to site vpn using UC 500 , in one side, i have static ip the other end it is dynamic , what is best way to set up a connection using this scenario , EZVPN_GROUP_1 is configured , clients can access the system, but I cannot configure the two UC for communicating each other .


Please advise me what way I can connect these systems.


Regards

Suraj kumar

7 REPLIES

Re: Site to Site vpn UC 500

New Member

Re: Site to Site vpn UC 500

UC 520 in the main site

When I configure using as per the doc

My main site UC is having static ip in WANfor ex xxx.xxx.xxx.xxxx 255.255.255.248

Lan ip is 172.32.0.0 /24

Well the other site

Have Dyanmic ip in wan site

Lan side 192.168.10.0 /24

When I ceate the isakmp policy in the main router having static IP

Crypto isakmp policy 1

Encr 3des

Hash md5

Authentication pre-share

Group2

Crypto isakmp key sbcs address ( the remote site ip is dynamic I have dyndnshostname , but it is not accepting)

What can I do here?

Please advise.

Re: Site to Site vpn UC 500

what is the CLI rejection saying exactly?

New Member

Re: Site to Site vpn UC 500

Cisco (config)#Crypto isakmp key sbcs address aaa.dyndns.org

                                                                                     ^

% Invalid input detected at '^' marker.

                                                                              

When I try a host name instead of ip address  the system says invalid input .The host name which I posted is not  a real hostname (just an example).If I put my real hostname also the result is the same.

Re: Site to Site vpn UC 500

Try Hostname parameter instead?

SBCS-Mobility(config)#crypto isakmp key ?
  0     Specifies an UNENCRYPTED password will follow
  6     Specifies an ENCRYPTED password will follow
  WORD  The UNENCRYPTED (cleartext) user password

SBCS-Mobility(config)#crypto isakmp key key123 ?
  address   define shared key with IP address
  hostname  define shared key with hostname

SBCS-Mobility(config)#crypto isakmp key key123

New Member

Re: Site to Site vpn UC 500


CISCO(config)#crypto map multisite 1 ipsec-isakmp
% NOTE: This new crypto map will remain disabled until a peer
        and a valid access list have been configured.
CISCO(config-crypto-map)#

Please advise me which acl i have to define her

New Member

Re: Site to Site vpn UC 500

You can normalize your config by following the steps in his app note as well:

https://supportforums.cisco.com/docs/DOC-9692

Esentially, the same on as Steve's.


Thanks,


Marcos

4393
Views
0
Helpful
7
Replies
CreatePlease to create content