Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
273
Views
0
Helpful
1
Replies

remote access vpn phase one authentication problem

wengkinwong
Level 1
Level 1

‎10-13-2009 07:59 AM - edited ‎02-21-2020 04:21 PM

Hi all,

I would like to verify sth about the remote access vpn authentication

As I remember, I configured RA vpn on pix 6.3 version using "vpdn" command. it should able to establish the vpn only match the group name and pre-shared-key.

but when I configured RA vpn on ASA 7.2 version or above. Beside tunnel group & pre-shared-key, user authentication is also need for establish the vpn.

Can I disable the user authentication on the configuration?

Regards,

Weng Kin

Labels:
0 Helpful
1 Reply 1

JORGE RODRIGUEZ
Level 10
Level 10

‎10-13-2009 11:22 AM

Weng, you can disable user authentication and only use tunnel authentication.

tunnel-group ipsec-attributes

isakmp ikev1-user-authentication none

assume tunnel group name is RAVPN

tunnel-group RAVPN ipsec-attributes

pre-shared-key

isakmp ikev1-user-authentication none <-- will not ask for user authentication

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/i3.html#wp1842328

Regards

Jorge Rodriguez
0 Helpful
Customers Also Viewed These Support Documents