To PIX OS and IOS/VPN gurus:
I need to configure a LAN-to-LAN VPN with a peer that uses a dynamic IP (a sonicwall in this case). I am Cisco on our end but cannot figure out how to tell the Cisco to accept the remote peer without knowing its IP. I thought we could use a FQDN and DynamicDNS service, but the set peer hostname refers to something you named using "name"
-- no good for my needs.
The ASA I am testing with is placing the IKE traffic onto the DefaultRAGroup, not the ipsec-l2l group I want to connect with. I can use a router if IOS has a way to do this that PIX OS lacks.
DO I need to use a CA for this? If so, can the ASA act as the CA for the request?
Many thanks in advance.
Shawn