Simon, What Roger has described would work. It may will most likely run into problems from time to time if there are problems with getting the dynamic DNS provider to update the new Dynamic IP of the firewalls. But this is definitely a possibility.
Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Technical Instructor - IPexpert, Inc. Mailto: [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Classroom and Self-Study Cisco CCNA (R&S, Voice & Security), CCNP, CCVP, CCSP and CCIE (R&S, Voice, Security & Service Provider) Certification Training with locations throughout the United States, Europe and Australia. Be sure to check out our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Roger Cheeks Sent: Wednesday, November 25, 2009 3:40 PM To: Simon Baumann; [email protected] Subject: Re: [OSL | CCIE_Security] ASA: L2L ipsec with dynamic IP addresses? It is possible to use dynamic DNS in this solution, but I have never tested a VPN like that. It would be easier to maintain and configure with a static on one side. Regards, Roger On 11/25/09, Simon Baumann <[email protected]> wrote: > Hi, > I want to configure an L2L ipsec tunnel between my ASA and a PIX. > Unfortunately both internet connections got dynamic ip addresses. So, I > could only use dns names. > For my knowledge, I need at least one device with an static ip address - > otherwise I could not implement the L2L tunnel? TIA. > > Cheers > Simon > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > -- Sent from my mobile device _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
