Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

remote access vpn phase one authentication problem

Hi all,

I would like to verify sth about the remote access vpn authentication

As I remember, I configured RA vpn on pix 6.3 version using "vpdn" command. it should able to establish the vpn only match the group name and pre-shared-key.

but when I configured RA vpn on ASA 7.2 version or above. Beside tunnel group & pre-shared-key, user authentication is also need for establish the vpn.

Can I disable the user authentication on the configuration?

Regards,

Weng Kin

1 REPLY

Re: remote access vpn phase one authentication problem

Weng, you can disable user authentication and only use tunnel authentication.

tunnel-group ipsec-attributes

isakmp ikev1-user-authentication none

assume tunnel group name is RAVPN

tunnel-group RAVPN ipsec-attributes

pre-shared-key

isakmp ikev1-user-authentication none <-- will not ask for user authentication

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/i3.html#wp1842328

Regards

110
Views
0
Helpful
1
Replies