Is it possible to setup a multi-site WAN, using VPN over high-speed DSL/Cable connections with DYNAMIC IP addresses? If so, could someone please recommend what Cisco equipment could accomplish this?
Thanks, Mike
In article , Mike wrote: :Is it possible to setup a multi-site WAN, using VPN over high-speed :DSL/Cable connections with DYNAMIC IP addresses? If so, could someone :please recommend what Cisco equipment could accomplish this?
I wouldn't want to rule it out, but it's not easy.
There is no way to do it with PIX 6.x, short of having something external that reached in and reconfigured the peer IP addresses as they changed.
I do not think there is a way to do it with PIX 7.0 (except as above), but I have not had time to dig into the tricks of 7.0 as yet.
Last I heard, the VPN 3000 series was not able to do dynamic IP resolution (except perhaps when the configuration is read?)
There is no regular way to do it with IOS, except as follows: IOS will look up hostnames into IP addresses at the time the configuration is read, so you could use an 'expect' script or SNMP to either reload the configuration or to update part of the configuration. [When you 'copy tftp', there is no requirement that what you copy is a complete configuration -- it could be just enough commands to update the peer.]
With some of the newest IOS versions, there is TCL support, and plausibly you may be able to use the 'kron' command to tickle an IP address re-resolution.
hi If i was to run a site to site vpn from a remote to a hub and use gre tunnel to run a routing protocol as well can this be down with a dynamic ip or do i need a static at the remote. the hub end is static.
thanks
Hi,
Dynamic Multipoint VPN (DMVPN) on Cisco IOS. Uses combination of routing protocol and NHRP (next hop resolution protocol) to determine the dynamically assigned spokes to be used as VPN endpoints.
EIGRP + OSPF example:
Thank for the reply We have decided to use a 1720 router to connect to the provider dsl modem and have the clients vpn. The 1720 has a fastethernet port which will be connected to the provider. Can the fastethernet port pull down a dynamic ip from the dsl modem. The provider cannot provide a static. I tried to do a "ip address negotiated" to pull down a dynamic but it will not take. Also where do i configure either the pap or chap username and password and the dns. So basically i need to configure the 1720 like a linksys so users can connect to the isp and run vpn client. The 1720 will also provide dhcp.
thanks
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.