Multiple Site to Site Tunnels plus Remote Access clients

Unanswered Question
Oct 23rd, 2007

I have a Cisco 3825 router with security bundle which acts solely as a "VPN router".


There are about 9 static tunnels with peers and pre-share keys defined. I also have 8 or so small Linksys routers which create tunnels to this router. Since these small routers are on cable/DSL we have a wild card policy (no set remote peer). All of the ISAKMP policies are set to no-xauth.


Now my question. Since we have a policy that is set to, basically, any remote endpoint (requires pre-share key), I cannot seem to set up a config that allows a Cisco remote access client to connect to this router. Is it possible to get this to work? I have set up SEVERAL RA clients on PIXs and routers, but NOT with the presence of a wild card ISAKMP policy. I'm afraid I painted myself into a major corner. :)


If I do get this to work, my end goal is to implement RAS to authenticate RA clients to Active Directory.


ANY advice would be appreciated. I have about pulled every hair in my head out.


Respectfully,


Bobby

andrew.vlasek@g... Tue, 11/27/2007 - 13:33

I think you need to have an AAA server such as ACS, then link the ACS to Active Directory. I know you can do this with an ASA.
