02-28-2010 09:30 PM - edited 03-04-2019 07:39 AM
Hi,
Have users connecting into ASA, and they are required to enter Group+Shared secret, but then also a username+password(Which we have added as local accounts on the ASA) - Is there anyway to have just Group+shared secret auth?
Thanks in advance
03-05-2010 09:44 AM
They shouldn't be entering the 'Group + Secret' information while attempting a VPN Client connection.
This information should be loaded in their profile if they are using Cisco VPN Client (Connection Entry -> Select Connection -> Modify -> Group Authentication).
Once that's properly entered, all they need to input is their username and password. This is mandatory and you can't connect to the ASA without supplying these values.
03-05-2010 12:28 PM
Hi Edison - Correct, shared secret/group is eneterd only when profile is created - The username/pass combo is no longer needed after 'isakmp ikev1-user-authentication none' was added
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide