cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3205
Views
0
Helpful
2
Replies

Disabling XAuth for Remote VPN Users on ASA 5510 Version 7.2(1)

ss8568
Level 1
Level 1

Anyone know how to disable XAuth for Remote VPN users on the ASA 5510 running 7.2(1)?

HPMFIRE(config)# tunnel-group vpn3000 general-attributes

HPMFIRE(config-tunnel-general)# authen

HPMFIRE(config-tunnel-general)# authentication-server-group none

ERROR: The authentication-server-group none command has been deprecated.

The isakmp command in the ipsec-attributes should be used instead.

HPMFIRE(config-tunnel-general)# tunnel-group vpn3000 ipsec-attributes

HPMFIRE(config-tunnel-ipsec)# isakmp ?

tunnel-group-ipsec mode commands/options:

ikev1-user-authentication Configure IKEv1 User Authentication

keepalive Configure ISAKMP keepalives

configure mode commands/options:

am-disable Disable inbound aggressive mode connections

client Set client configuration policy (DEPRECATED - see 'help

isakmp')

disconnect-notify Enable disconnect notification to peers

enable Enable ISAKMP on the specified interface

identity Set identity type (address, hostname or key-id)

ipsec-over-tcp Enable and configure IPSec over TCP

keepalive Set keepalive interval (DEPRECATED - see 'help isakmp')

key Set pre-shared key for remote peer (DEPRECATED - see 'help

isakmp')

nat-traversal Enable and configure nat-traversal

peer Set xauth and config mode exemption for the specified peer

(DEPRECATED - see 'help isakmp')

policy Set ISAKMP policy suite

reload-wait Wait for voluntary termination of existing connections

before reboot

I couldn't find anything under isakmp to disable it. Thanks for any help.

2 Replies 2

satish77
Level 1
Level 1

Hi There,

Please do the below

Router(config)# crypto isakmp key keystring address peer-address [mask] [no-xauth]

Hello!

You can use the following command in order to disable Xauth:

HPMFIRE(config-tunnel-general)# tunnel-group vpn3000 ipsec-attributes

HPMFIRE(config-tunnel-ipsec)# isakmp ikev1-user-authentication none

Regards,

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: