Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

IOS EZVPN client to PIX EZVPN server

Hello,

I have setup an EZVPN connection between Cisco 851 (client) and PIX 515E 6.3(5) which is configured as an EZVPN server. Everything works OK, but the client is not allowed to save the password which is very annoying and makes the whole thing unusable.

c851#show crypto ipsec client ezvpn

Easy VPN Remote Phase: 6

Tunnel name : test

Inside interface list: Vlan1

Outside interface: Dialer0

Current State: IPSEC_ACTIVE

Last Event: MTU_CHANGED

DNS Primary: 10.10.1.19

DNS Secondary: 10.10.1.19

Default Domain: test.com

Save Password: Disallowed

PIX configuration:

vpngroup test address-pool vpnmail

vpngroup test dns-server 10.10.1.19

vpngroup test default-domain test.com

vpngroup test split-tunnel test

vpngroup test idle-time 86400

vpngroup test password ********

I know there is a 'save-password' option in IOS EZVPN server, but I cannot figure out how to make this happen on PIX. Is this option supported at all or do we need a new ASA device? I also cannot use 'normal' L2L VPN because client uses dynamic IP address.

Regards,

Antonio

1 REPLY
Anonymous
N/A

Re: IOS EZVPN client to PIX EZVPN server

Can you run an ISAKMP capture and "debug crypto isakmp 15" on the Pix

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800945cf.shtml

171
Views
0
Helpful
1
Replies
CreatePlease to create content