If I get this correctly you can use dynamic-map feature as seen in the example here:
http://www.cisco.com/warp/customer/707/ios_804.html ""the-other-jason"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Help, I can't think of a way to do this ..... :-( > > We have two IPSec "appliances" at work that require known, routable > addresses on their "non-secure" ethernet interfaces. > > We want to create a kit engineers can take home for remote IPSec access > into the network from personal cable/dsl connections. Our typical home > networks have a cheapo router running NAT. The router is getting a real > "outside" address from a service provider via DHCP (point "C" in the > drawing). On the inside, we use private addressing (point "B"). > > The problem is to configure an IPSec appliance with a real address but > connect it via the private address LAN at home. The obvious way to do > this is with a tunnel, so we've managed to scavenge a couple of old > 2500s for this purpose... > > > IPSec cheapo IPSec > appliance -->2500-->router-->ISP-->Internet-->3660-->2500-->appliance > A B C D > > Ideally, we want a tunnel from the left side of the left 2500 to either > the 3660 or the right 2500 .... so that we can give the left IPSec > appliance some of our address space. With GRE, however, you have to > specify the endpoint addresses in advance, and of course we don't know > what address the ISP will give one via DHCP .... > > After some reading, I _think_ PPPoE, L2F, PPTP, and L2TP won't help us much > > Does anyone have any ideas? > > Jason Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=32059&t=32057 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]