Cisco Support Community

The VPN client mode configuration attributes are not enforced when XAUTH is disabled and the PIX 500 Series Firewall with software version 7.x is used

 

Introduction:

This document describes the issue a user faces when VPN client mode configuration attributes are not enforced because XAUTH is disabled.

What is XAUTH?

  • The xAuth process provides the user with read-only or read-write access tokens. If the user requires access to a user's direct messages, they need to use the full OAuth flow.
  • xAuth provides a path for desktop and mobile applications to exchange login details (username and password) for an OAuth access token.
  • xAuth requires that the user use header-based OAuth authentication over an SSL access token endpoint, using the HTTP POST method.

Core issue

This issue is due to the presence of Cisco bug ID CSCeh29328.

This issue occurs on the PIX Firewall 7.0 when authentication or authorization is not configured on the tunnel group.

VPN clients connect to the PIX that serves as the VPN concentrator. The VPN clients do not receive information on the Domain Name Server (DNS), the server name, and split tunnel data, even though the VPN clients and PIX are configured on the tunnel group.

 

Resolution

As a workaround, perform one of these steps:
