Skip navigation
Cisco Learning Home > Certifications > CCIE Security > Discussions

_Communities

369 Views 0 Replies Latest reply: May 2, 2012 5:39 PM by vikram parmar RSS

Currently Being Moderated

Strange IOS EZVPN client behaviour!!!

May 2, 2012 5:39 PM

I configure my EZVPN server using VTI. The client is an IOS in client mode across an ASA. It does not connect.

 

When I remove the command "xauth userid mode local", and run the "crypto ipsec client ezvpn xauth" ,it connects.

 

And then when I see the sh run, it has this config added to it( I'm referring to the last line where it says interactive)

 

crypto ipsec client ezvpn IELAB
connect auto
group IELAB key CISCO
local-address FastEthernet0/0
mode client
peer 132.8.29.2
username cisco password cisco
xauth userid mode interactive

 

When the client is not across the ASA , it works with the normal "xauth userid mode local". But across the ASA, I have to remove it and it behaves as explained above.

 

Can someone tell me why it might be happening?

 

Thanks,

Vikram Parmar

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)