Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Cisco Employee

site to site VPN behind internet modems

Hi all,

I have a question and I am quite lost, not sure if this is a possible thing to do.

My idea is to create a site to site VPN between two routers at home (one in my workplace home and the other in my holidays/mum home), the edge internet routers/modems should be transparent and traffic between normal devices ( home Wifi network) should work as ususal. I'd need to connect my workplace home network/computer when I am in my holiday's home.

Not sure if I have been entirely clear, but is there a hardware for doing this, like simple routers or  ASA/router can easy do this?



Community Member

site to site VPN behind internet modems

Hi Joan,

First of I would like to ask? when your device connects to the internet from your ISP do you get your IP address via dhcp or you have a static ip address on your router?

With a static IP you can achieve this without issues either using Router or ASA.

With dhcp sourced address! It might be a bit of an issue. Truth is I have never configured L2L vpn with a dhcp address on the router or firewall. To the best of my knowledge most vpn configuration are best with static IP address on your edge devices. For consistency sake. So if you do get your IP via dhcp....I'll advice you get statics to make it easy for you.




site to site VPN behind internet modems


This can be done with pretty much any Cisco router - here is a guide to get you started:

It is not particularly easy if you are a Cisco novice but there are lots of guides out there on the internet.

And I would not worry too much about having a static IP address - you can use free dynamic dns services such as dyndns to overcome the limitations of DHCP allocated IP from your ISP.

CreatePlease to create content