VPN Client -> ASA Group+Shared secret only?

Unanswered Question
Feb 28th, 2010


Have users connecting into ASA, and they are required to enter Group+Shared secret, but then also a username+password(Which we have added as local accounts on the ASA) - Is there anyway to have just Group+shared secret auth?

Thanks in advance

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Edison Ortiz Fri, 03/05/2010 - 09:44

They shouldn't be entering the 'Group + Secret' information while attempting a VPN Client connection.

This information should be loaded in their profile if they are using Cisco VPN Client (Connection Entry -> Select Connection -> Modify -> Group Authentication).

Once that's properly entered, all they need to input is their username and password. This is mandatory and you can't connect to the ASA without supplying these values.

johnelliot6 Fri, 03/05/2010 - 12:28

Hi Edison - Correct, shared secret/group is eneterd only when profile is created - The username/pass combo is no longer needed after 'isakmp ikev1-user-authentication none' was added


This Discussion