I have setup an EZVPN connection between Cisco 851 (client) and PIX 515E 6.3(5) which is configured as an EZVPN server. Everything works OK, but the client is not allowed to save the password which is very annoying and makes the whole thing unusable.
c851#show crypto ipsec client ezvpn
Easy VPN Remote Phase: 6
Tunnel name : test
Inside interface list: Vlan1
Outside interface: Dialer0
Current State: IPSEC_ACTIVE
Last Event: MTU_CHANGED
DNS Primary: 10.10.1.19
DNS Secondary: 10.10.1.19
Default Domain: test.com
Save Password: Disallowed
vpngroup test address-pool vpnmail
vpngroup test dns-server 10.10.1.19
vpngroup test default-domain test.com
vpngroup test split-tunnel test
vpngroup test idle-time 86400
vpngroup test password ********
I know there is a 'save-password' option in IOS EZVPN server, but I cannot figure out how to make this happen on PIX. Is this option supported at all or do we need a new ASA device? I also cannot use 'normal' L2L VPN because client uses dynamic IP address.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...