sebastianganson
Programmer
Apologies if this question has already been posted.
I am trying to determine whether or not I can use a dns entry for the set peer command on our PIX to establish a VPN connection to another (non-Cisco) Firewall. The non-Cisco firewall does not have a static IP Address and we do not want to set the IP address of the incoming host to be just ANY ip address. It was therefore suggested that instead of using (eg.)
crypto map PIXTONOTPIX 20 set peer 111.111.111.111
we could use
crypto map PIXTONOTPIX 20 set peer them.there.com
(in anticipation of the question, the NOTPIX side has a method of dynamically updating their DNS entry whenever their ISP provided IP address is reset which is why the DNS entry would virtually be a static entry)
I tried searching at Cisco's site, but all of the examples use IP Addresses and no dns entries.
In addition, this may not have any bearing on the matter, I am unable to ping from the PIX to anywhere with anything other than an IP Address which is what causes me to worry about using a dns entry in the peer command.
Is there something else I need to set, or will this config just not work?
Regards,
Sebastian
I am trying to determine whether or not I can use a dns entry for the set peer command on our PIX to establish a VPN connection to another (non-Cisco) Firewall. The non-Cisco firewall does not have a static IP Address and we do not want to set the IP address of the incoming host to be just ANY ip address. It was therefore suggested that instead of using (eg.)
crypto map PIXTONOTPIX 20 set peer 111.111.111.111
we could use
crypto map PIXTONOTPIX 20 set peer them.there.com
(in anticipation of the question, the NOTPIX side has a method of dynamically updating their DNS entry whenever their ISP provided IP address is reset which is why the DNS entry would virtually be a static entry)
I tried searching at Cisco's site, but all of the examples use IP Addresses and no dns entries.
In addition, this may not have any bearing on the matter, I am unable to ping from the PIX to anywhere with anything other than an IP Address which is what causes me to worry about using a dns entry in the peer command.
Is there something else I need to set, or will this config just not work?
Regards,
Sebastian