remote access vpn phase one authentication problem

Unanswered Question
Oct 13th, 2009

Hi all,

I would like to verify sth about the remote access vpn authentication

As I remember, I configured RA vpn on pix 6.3 version using "vpdn" command. it should able to establish the vpn only match the group name and pre-shared-key.

but when I configured RA vpn on ASA 7.2 version or above. Beside tunnel group & pre-shared-key, user authentication is also need for establish the vpn.

Can I disable the user authentication on the configuration?

Regards,

Weng Kin

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
JORGE RODRIGUEZ Tue, 10/13/2009 - 11:22

Weng, you can disable user authentication and only use tunnel authentication.

tunnel-group ipsec-attributes

isakmp ikev1-user-authentication none

assume tunnel group name is RAVPN

tunnel-group RAVPN ipsec-attributes

pre-shared-key

isakmp ikev1-user-authentication none <-- will not ask for user authentication

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/i3.html#wp1842328

Regards

Actions

This Discussion