[c-nsp] Site to Site VPN using ASA and far end with dynamic peer
Scott Granados
scott at granados-llc.net
Thu Jan 6 18:46:30 EST 2011
Hi, I have a relatively simple question but the examples I find on cisco.com don't seem to do much but confuse me.:)
Here's the setup. I have a Cisco ASA with several site to site VPN tunnels terminated to branch offices. All to date have used static IP addressing on both sides so using the tunnel-group a.b.c.d type l2l has been very simple. We now have a branch with PPPOE DSL and dynamic addressing. Could someone provide an example of the ASA side how to accept a VPN site to site session from a remote device using a dynamic IP.
What do you use instead of the target tunnel-group / peer address entry?
Presently the ASA is running 8.2.x code using a normal dynamic map for remote clients and the standard crypto map entries for each peer. I assume it's some variation on the dynamic map theme but not quite sure how to make that work.
Any pointers would be appreciated.
Thanks
Scott
More information about the cisco-nsp
mailing list