Disable the xauth in IOS router for EZVPN client

Unanswered Question
Nov 10th, 2007
User Badges:

I am trying to diable the xauth option and make the authentication by default not the interactive. I have tried using the username option, still its in the xauth interactive mode.Please can anyone help me out in this.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
ajagadee Sat, 11/10/2007 - 11:04
User Badges:
  • Cisco Employee,

If possible, Can you post the current configuration from the router. If not, make sure that your configuration looks like the below:


crypto ipsec client ezvpn EZVPNCLIENT

connect auto

group TEST key TEST123

mode network-extension

peer 1.1.1.1

username cisco password cisco

xauth userid mode local


Let me know if it helps.


Regards,

Arul



mkmzaman Mon, 11/12/2007 - 00:51
User Badges:

thanks for your reply.


I am using the same configuration for my device. i have given the mode as local and defined the username and password.


regards,

muneer

kcoming Mon, 11/12/2007 - 09:44
User Badges:

If the ezvpn server doesn't allow password storage on client, you won't be able to set this to xauth userid mode local.


On a 3000 head end, this is set on the hardware client tab for the group. For IOS/PIX head end, I don't know how to set it.

mkmzaman Mon, 11/12/2007 - 20:55
User Badges:

Thanks for your help.


I have enabled Password-storage command at Headend device, it started working.

ajagadee Tue, 11/13/2007 - 07:53
User Badges:
  • Cisco Employee,

Great! Thanks for the update!


Regards,

Arul

xzjleo2005 Wed, 05/26/2010 - 18:07
User Badges:

Hi, which IOS verion comes with this 'local' option, my router only has   http-intercept and  interactive. it's c2800nm-advipservicesk9-mz.124-15.T7.bin


Thanks, Leo

Actions

This Discussion