I use this for backup connectivity on dynamic endpoints and they are quite happy. One end must be fixed (which I assume is yours).
Their configuration: set security ike gateway gateway-name local-identity inet their-vpn-ip-address set security ike gateway gateway-name remote-identity inet your-vpn-ip-address Yours: set security ike gateway gateway-name local-identity inet your-vpn-ip-address set security ike gateway gateway-name dynamic inet their-vpn-ip-address delete security ike gateway gateway-name address I believe this requires 11.3+ but I'm not exactly sure. The remote-identity command is not there in earlier versions. Aaron On May 11, 2011, at 8:53 AM, Pappas, AJ wrote: > I have a srx240. I have someone who has a vpn with us who wants to change > from a static IP address on an ipsec tunnel to a FQDN. Is there any > documentation on how to do this or if it is possible? He is able to provide > the two ip’s to me that it will be coming from. This is for a failover from > them. Two separate providers / ip’s. > > AJ Pappas | Network Administrator > > Ottawa Regional Hospital & Healthcare Center > <image001.jpg> > > > www.ottawaregional.org | apap...@ottawaregional.org > phone: 815.431.5180 | mobile line: 815.993.8522 > 1100 East Norris Drive, Ottawa, IL 61350 USA > > P Please consider the environment before printing this e-mail. > > > Confidentiality Notice: This e-mail may contain confidential information. > The information is intended only for the use of the recipient named above. > If you are not the intended recipient, you are hereby notified that any > disclosure, copying, distribution, or the taking of any action in reliance on > the contents of this information, except its direct delivery to the intended > recipient named above, is strictly prohibited. If you have received this > e-mail in error, please notify the sender of this and also delete the e-mail > from all systems this message is stored on. > > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp