I have a question that I can't seem to find an answer to, yet. First of, I need to set up a VPN between some of our remote sites and the HQ and I would like the tunnel to stay up all the time. Some of the remote site DO NOT have static outsite IP addresses. I have looked at Site to Site VPN but without the static IP it doesn't look like its going to work. Will Easy VPN be able to do something like that? Is there a way that I can accomplish stay-up-all-the-time VPN without the Static IP at the remote site? Please throw some ideas at me.
It depends what device is terminating your VPN. If it is an ASA/pix, you can use the defaultl2lgroup to accept incoming connections. Another option like the previous poster mentioned is DMVPN. DMVPN however is not uspported on firewalls, only routers(to my knowledge anyway). Keep in mind that if the tunnel drops, it will come up when the client side initiates only on the sites with remote IPs. DMVPN seems to like to stay up however.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...