Replacing 1720 with ASA5505, Dynamic VPN Issue

Unanswered Question
Apr 9th, 2008
User Badges:

I have a failing 1720 router that is the center-point to a vpn with two dynamic 1720 routers connecting to it. It also is supporting PPTP VPN connections but I am planning on replacing those with Cisco VPN Software clients.

My problem is with the two dynamic VPN's. I am unable to connect them to my newly configured ASA5505, because the commands have changed and I can no longer specify no-xauth with my pre-shared key. I need help.

When I enter my pre-shared key command it ends up in the tunnel-group DefaultRAGroup, which is fine, but my remote routers get stuck at XAUTH. I need xauth obviously for the remote VPN clients to work, and I want to ignore XAUTH for the two dynamic 1720 routers that use the preshared key.

I have attached the important part of the configs.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
vkapoor5 Tue, 04/15/2008 - 10:09
User Badges:
  • Bronze, 100 points or more

This sample configuration shows how to set up the remote access VPN connection between a Cisco VPN Client (4.x for Windows) and the PIX 500 Series Security Appliance 7.x. The remote VPN Client user autheticates against the Active Directory using a Microsoft Windows 2003 Internet Authentication Service (IAS) RADIUS server.


This Discussion