VPN Client -> ASA Group+Shared secret only?

Unanswered Question
Feb 28th, 2010
User Badges:


Have users connecting into ASA, and they are required to enter Group+Shared secret, but then also a username+password(Which we have added as local accounts on the ASA) - Is there anyway to have just Group+shared secret auth?

Thanks in advance

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Edison Ortiz Fri, 03/05/2010 - 09:44
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

They shouldn't be entering the 'Group + Secret' information while attempting a VPN Client connection.

This information should be loaded in their profile if they are using Cisco VPN Client (Connection Entry -> Select Connection -> Modify -> Group Authentication).

Once that's properly entered, all they need to input is their username and password. This is mandatory and you can't connect to the ASA without supplying these values.

johnelliot6 Fri, 03/05/2010 - 12:28
User Badges:

Hi Edison - Correct, shared secret/group is eneterd only when profile is created - The username/pass combo is no longer needed after 'isakmp ikev1-user-authentication none' was added


This Discussion