Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Replacing 1720 with ASA5505, Dynamic VPN Issue

I have a failing 1720 router that is the center-point to a vpn with two dynamic 1720 routers connecting to it. It also is supporting PPTP VPN connections but I am planning on replacing those with Cisco VPN Software clients.

My problem is with the two dynamic VPN's. I am unable to connect them to my newly configured ASA5505, because the commands have changed and I can no longer specify no-xauth with my pre-shared key. I need help.

When I enter my pre-shared key command it ends up in the tunnel-group DefaultRAGroup, which is fine, but my remote routers get stuck at XAUTH. I need xauth obviously for the remote VPN clients to work, and I want to ignore XAUTH for the two dynamic 1720 routers that use the preshared key.

I have attached the important part of the configs.

  • Other Security Subjects

Re: Replacing 1720 with ASA5505, Dynamic VPN Issue

This sample configuration shows how to set up the remote access VPN connection between a Cisco VPN Client (4.x for Windows) and the PIX 500 Series Security Appliance 7.x. The remote VPN Client user autheticates against the Active Directory using a Microsoft Windows 2003 Internet Authentication Service (IAS) RADIUS server.

This widget could not be displayed.