>> >> Here's the setup. I have a Cisco ASA with several site to site VPN tunnels terminated to branch offices. All to date have used static IP addressing on both sides so using the tunnel-group a.b.c.d type l2l has been very simple. We now have a branch with PPPOE DSL and dynamic addressing. Could someone provide an example of the ASA side how to accept a VPN site to site session from a remote device using a dynamic IP. >>
We have a handful of remote sites that use broadband cards as a mechanism to bypass failed T1s so they get dynamic addresses as well. ASA->Linksys_w_broadband <-----Internet-------> ASA_VPN_term---->core_network I'll send you the appropriate snippets if you wish directly and post it here too. I think the key was ( not intended pun ) to use pre-shared keys for the tunnel The remote end certainly knows about the centralized VPN core device and that can have a static entry but the core of course can't. _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
