easy VPN remote + xauth, but without user intervention?

Unanswered Question
Sep 30th, 2009
User Badges:

Hello everybody:

I have an opportunity to deploy an ASA (EZvpn server) in the central site and many 800 (EZvpn remote) in the remote sites (these devices with dynamic IP address on their external interfaces).

I would like to follow the idea (based on xauth) suggested in http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080809222.shtml because it would let me configure a different user/passwd to each remote device.

Otherwise, I would be forced to define a wildcard preshared key for all the remote devices.

But the configuration example of the aforementioned URL, IMHO, is not realistic for a real world installation, since it asks the remote users to log into the router, type an IOS command, and enter username/password each time the device needs to be connected.

At least in my case, the best I can ask from the remote users is to unplug the power cable and plug it on again :o)


Then my question is: ¿is it possible to have eazyVPN remote to use xauth but preconfigure username/password so when the challenge comes from the central site the device can respond on its own without any user intervention???


Thanks a lot in advance, Rogelio

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
rgonzalch Fri, 10/09/2009 - 10:11
User Badges:


and if you want the tunnel always up use connect auto command with this every time when you want some challenge from central site it is possible coz the tunnel is always up.

Actions

This Discussion