Quick questions. I've been reviewing the guides on Cisco and have yet to find an example of what I'm looking for. The scenario is that there will be a client device that uses DHCP on the WAN side. This device can authenticate using IPSec to a VPN termination device. On our hub end we want to use a Cisco IOS router to terminate the connection. My question is that this will not be exactly a L2L tunnel, the endpoint has a configuration to build in a username to authenticate with. So it appears the tunnel with authenticate using a username a pre-shared key, rather than PSK and configured remote IP address (since this is DHCP). I've found an example of this on Cisco here: http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_example09186a00800ae459.shtml. Unfortunately the example is from an IOS DHCP endpoint to a 3000-series concentrator. Anyone have a config example of what I'm looking for?
I'll go through the docs above. Thanks for the links. The client device is a junxion cellular endpoint (www.junxion.com). Says it's compatible with Cisco VPN endpoint, but I see no configuration guidelines. I'm going to throw it in the lab today and play with it. Check out the VPN configuration at the above link to see if you can get a better idea of what the Junxion is looking for.
Looks li ke it will only do client-based VPN connectivity. In the lab I have the endpoint talking to the IOS router. I created a JUNXION group with a pre-shared key. When I look in the logs I see the client attempt a connect, but it does match with the JUNXION group. Is there a way to make this group the default group (or create a new one)? I know this can be done on the concentrator.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :