[c-nsp] Site to Site VPN using ASA and far end with dynamic peer

schilling schilling2006 at gmail.com
Thu Jan 6 19:34:30 EST 2011


You have ASA/IOS routers on the branch office, right?

Cisco Easy VPN Remote Client might be what you are looking for. You
can use client mode or network extension mode according to your need.

http://www.cisco.com/en/US/products/sw/secursw/ps5299/index.html

Schilling

On Thu, Jan 6, 2011 at 6:46 PM, Scott Granados <scott at granados-llc.net> wrote:
> Hi, I have a relatively simple question but the examples I find on cisco.com don't seem to do much but confuse me.:)
>
> Here's the setup.  I have a Cisco ASA with several site to site VPN tunnels terminated to branch offices.  All to date have used static IP addressing on both sides so using the tunnel-group a.b.c.d type l2l has been very simple.  We now have a branch with PPPOE DSL and dynamic addressing.  Could someone provide an example of the ASA side how to accept a VPN site to site session from a remote device using a dynamic IP.
>
> What do you use instead of the target tunnel-group / peer address entry?
>
> Presently the ASA is running 8.2.x code using a normal dynamic map for remote clients and the standard crypto map entries for each peer. I assume it's some variation on the dynamic map theme but not quite sure how to make that work.
>
> Any pointers would be appreciated.
>
> Thanks
> Scott
>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>



More information about the cisco-nsp mailing list