Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > pix multiple ipsec tunels dynamic ip address

Reply
Thread Tools

pix multiple ipsec tunels dynamic ip address

 
 
no@no.no
Guest
Posts: n/a
 
      04-01-2005
If I want to have several simultanious ipsec tunnels with remote non cisco
routers with dynamic IP addresses, can I configure PIX using dynamic map?
How PIX will know wich subnet is behind wich peer?

thanks!
 
Reply With Quote
 
 
 
 
mcaissie
Guest
Posts: n/a
 
      04-01-2005

<(E-Mail Removed)> wrote in message
news:qlzj96t9icrk.6cx0lnf2zytl$(E-Mail Removed)...
> If I want to have several simultanious ipsec tunnels with remote non cisco
> routers with dynamic IP addresses, can I configure PIX using dynamic map?
> How PIX will know wich subnet is behind wich peer?
>
> thanks!


Yes you can.

In a dynamic map you can still create an entry per tunnel an specify
parameters
such as the match address

no] crypto dynamic-map dynamic-map-name dynamic-seq-num match address
acl_name

To only problem is that only the remote site will be able to initiate the
tunnel. But depending on your needs it may not be a problem.


 
Reply With Quote
 
 
 
 
no@no.no
Guest
Posts: n/a
 
      04-02-2005
On Fri, 01 Apr 2005 16:52:07 GMT, mcaissie wrote:
> <(E-Mail Removed)> wrote in message
> news:qlzj96t9icrk.6cx0lnf2zytl$(E-Mail Removed)...
>> If I want to have several simultanious ipsec tunnels with remote non cisco
>> routers with dynamic IP addresses, can I configure PIX using dynamic map?
>> How PIX will know wich subnet is behind wich peer?
>>
>> thanks!

>
> Yes you can.
>
> In a dynamic map you can still create an entry per tunnel an specify
> parameters
> such as the match address
>
> no] crypto dynamic-map dynamic-map-name dynamic-seq-num match address
> acl_name
>
> To only problem is that only the remote site will be able to initiate the
> tunnel. But depending on your needs it may not be a problem.


I hope it will work, next week I will get additional equipement and try
with several tunnels. But I still do not understand how PIX will know wich
IP subnet is behind which peer. Peers are routers with wan interface to
provider (dynamic addresses), and eth to network with devices that need
secure communication to central site

thanks
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ipsec when one site has dynamic ip address dt1649651@yahoo.com Cisco 2 04-25-2008 07:36 AM
IPsec within L2TP over IPsec - PIX. AM Cisco 0 07-23-2006 10:14 PM
filtering ipsec traffic pix to pix Martin Eden Cisco 2 01-14-2004 12:22 PM
Does Pix or cisco router support dynamic-to-dynamic IPSec VPN? c Cisco 2 01-13-2004 01:53 AM
Bandwidth usage on PIX to PIX ipsec vpn tunnels Paul McLaren Cisco 3 07-17-2003 09:58 PM



Advertisments