Site to Site VPN Cisco 877

[ifconf]

I have R62 running on an IP390 cluster. I need to setup a VPN with a Cisco 877 router which has a dynamically assigned IP address from the ISP. Does anyone know if this is possible and if so help me with some tips, also where can I find documentation on this subject CP site doesn't seem to have anything.

Many thanks

 

[theaok]

This can be done, but since you are going to be setting this VPN tunnel with a Cisco device that has a dynamic IP address you'll need to use certificates for authentication (pre-shared secrets cannot be used)

You can refer to the VPN Admin Guide from Checkpoint's website for details on setting this up. But this will be basically by defining an interoperable device, choosing "dynamic IP" and configuring the certificates.

I would advise that you use the Checkpoint CA for issuing a certificate to the Cisco device as this will be much easier than setting another 3rd party CA.

 

[desperado618]

Is it because its a Cisco 877 that is does not support psk or because it a dynamically assigned address? I build tunnels all the time to dynamic IP's using psk and haven never ran into any issues.

http://www.NetLeets.com

IT Security news and information
In plain English