cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
260
Views
0
Helpful
1
Replies

remote access vpn phase one authentication problem

wengkinwong
Level 1
Level 1

Hi all,

I would like to verify sth about the remote access vpn authentication

As I remember, I configured RA vpn on pix 6.3 version using "vpdn" command. it should able to establish the vpn only match the group name and pre-shared-key.

but when I configured RA vpn on ASA 7.2 version or above. Beside tunnel group & pre-shared-key, user authentication is also need for establish the vpn.

Can I disable the user authentication on the configuration?

Regards,

Weng Kin

1 Reply 1

JORGE RODRIGUEZ
Level 10
Level 10

Weng, you can disable user authentication and only use tunnel authentication.

tunnel-group ipsec-attributes

isakmp ikev1-user-authentication none

assume tunnel group name is RAVPN

tunnel-group RAVPN ipsec-attributes

pre-shared-key

isakmp ikev1-user-authentication none <-- will not ask for user authentication

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/i3.html#wp1842328

Regards

Jorge Rodriguez
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: