The way I understand it, once a dynamic crypto map is "activated" (the dynamic client connects), a route is added to its dynamic table of reachable subnets. The route to the remote lan is only active when the dynamic vpn client establishes a connection and completes both phases of tunnel setup.
This being said, no, you don't have to create a static route to the remote lan on the central router. The next question would then be: If running a Routing protocol such as RIP or EIGRP, do you need to include those remote lan subnets in the AS definition?? I could be wrong, but I'm pretty sure this is correct. As I've never done this before, anybody, please feel free to correct me :) Mark --- jdr wrote: > Hello, > I'm sorry for ask this stupid question, but I can't > find a answer > > > I'm working on this scenario: > > LAN-to-LAN ipsec conections, hub and spoke topology. > A central site with a 7100 router,10 remote sites > with 806 routers (ADSL or > cable connections). > > > 1.1.1.0-- (7100 Router)- 11.1.1.1 ------- INTERNET > ---------- X.X.X.X > (806 Router)-- 2.2.2.0 > > | > > | > > - > --------- Y.Y.Y.Y (806 Router)-- 2.2.3.0 > > > My problem is that the 806 public IPs are dynamic > and it can change every > time that the 806 router restart. > > If the remote site IPs are dynamic, how do I can > route the traffic from the > central site to the branch ofices? > > I can configure the central router to accept dynamic > connections with a > preshared Key (for example), but Idon't know > configure the central site to > reach the private LANs of the remotes sites after > the connections are up. > > The CISCO examples always use a route to the remote > LAN through the public > IP (X.X.X.X) of the remote sites, but I can't use it > on this scenario > because it could change . > > > Thank you for your help and your patience (as I tell > you it was a stupid > question). > > > > Juan [EMAIL PROTECTED] __________________________________________________ Yahoo! - We Remember 9-11: A tribute to the more than 3,000 lives lost http://dir.remember.yahoo.com/tribute Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=53054&t=53028 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
