I have a pix firewall that has a site to site vpn with another branch office. It is also working as a remote vpn.
Below are the commands use to setup the ipsec tunnel. Both site to site vpn and remote client vpn works fine.
I was wondering if the command "crypto map testmap client authentication LOCAL" would affect my site to site vpn in anyway since only remote client vpn does authentication base on username and password set on my firewall. Thks in advance.
crypto map testmap 20 ipsec-isakmp
crypto map testmap 20 match address outside_cryptomap_20
crypto map testmap 20 set peer 2xx.xx.xx.xx
crypto map testmap 20 set transform-set ESP-DES-MD5
crypto map testmap 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map testmap client authentication LOCAL
crypto map testmap interface outside
If its a PIX running version 6.x, you have a command like:
crypto isakmp key xxxxxxx peer 126.96.36.199 no-xauth
You should add the ''no xauth'' to the peer, so that the L2L won't be prompted for Extended Authentication (only the remote VPN clients).