Solved: Dial backup VPN - preshare key issue

agos-hicl · ‎12-14-2007

I'm using dial backups to my DSL connections in case of failure but on my host router I also use EZVPN Server for Client VPN access. As a result the the EZVPN Server uses xauth for preshare authentication:

crypto isakmp key ??????? address 0.0.0.0 0.0.0.0

BUT for my dial backup VPN to work I need to use dynamic IP for the peer IP address thus requiring:

crypto isakmp key ?????? address 0.0.0.0 0.0.0.0 no xauth

I've tried configuring keys for the dial-in subnets, but it still seems to use the default.

Is this simply not supported or is there a workaround?

My host (main) router is a CISCO 1841, my remote router is 877.

Cheers,

Sean

kaachary · ‎12-25-2007

You need to configure ISAKMP profiles on the Ezvpn server router.

http://cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00801dddbb.shtml

That would do it.

View solution in original post

ivillegas · ‎12-21-2007

As far as I know it is supported. Have a look at the following URL for configuration http://cisco.com/en/US/products/ps6635/products_white_paper0900aecd80393720.shtml

kaachary · ‎12-25-2007

You need to configure ISAKMP profiles on the Ezvpn server router.

http://cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00801dddbb.shtml

That would do it.