I have a network which is Hub and Spoke topology . The hub has a Static IP address assigned to the outside but the spokes have Dynamic IP addresses assigned to the outside . There is a VPN tunnel between Hub and Spoke and every thing is good and operational . Now I need to make VPN tunnel between spokes which both have Dynamic IP addresses assigned to the outside . I need the way and the necessary commands to do this .
Note :The devices that I have used are ASA 5510 and 5505.
To create spoke to spoke tunnels is difficult when both spokes are using dynamic IP addresses. I would suggest to you that there is a different solution which should work and which is much easier to accomplish. You could take traffic from spokeA which is intended for spokeB and send it to the hub which could then forward it to spokeB. You already have most of what you need on the hub (since tunnels to both spokes are already working) and the configuration on the spokes is fairly simple.
Currently your spokes have an access list that identifies traffic originating from the spoke and going to the hub that should be protected by the VPN tunnel. You would need to modify that access list so that it also permits traffic originating from the spoke and destination is the other spoke. You also need to verify that the routing in the spoke will forward traffic to the other spoke out the interface where the crypto map is applied (which is likely to be the case). You would make this change on both spokes and make sure that the access lists at the hub reflect the changed logic at the spokes. You would also need this command on the hub
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...