Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
292
Views
0
Helpful
1
Replies

IOS EZVPN client to PIX EZVPN server

antonio99
Level 1
Level 1

‎05-08-2008 02:40 PM - edited ‎02-21-2020 02:00 AM

Hello,

I have setup an EZVPN connection between Cisco 851 (client) and PIX 515E 6.3(5) which is configured as an EZVPN server. Everything works OK, but the client is not allowed to save the password which is very annoying and makes the whole thing unusable.

c851#show crypto ipsec client ezvpn

Easy VPN Remote Phase: 6

Tunnel name : test

Inside interface list: Vlan1

Outside interface: Dialer0

Current State: IPSEC_ACTIVE

Last Event: MTU_CHANGED

DNS Primary: 10.10.1.19

DNS Secondary: 10.10.1.19

Default Domain: test.com

Save Password: Disallowed

PIX configuration:

vpngroup test address-pool vpnmail

vpngroup test dns-server 10.10.1.19

vpngroup test default-domain test.com

vpngroup test split-tunnel test

vpngroup test idle-time 86400

vpngroup test password ********

I know there is a 'save-password' option in IOS EZVPN server, but I cannot figure out how to make this happen on PIX. Is this option supported at all or do we need a new ASA device? I also cannot use 'normal' L2L VPN because client uses dynamic IP address.

Regards,

Antonio

0 Helpful
1 Reply 1

Not applicable

‎05-14-2008 11:58 AM

Can you run an ISAKMP capture and "debug crypto isakmp 15" on the Pix

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800945cf.shtml

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card