I configure my EZVPN server using VTI. The client is an IOS in client mode across an ASA. It does not connect.
When I remove the command "xauth userid mode local", and run the "crypto ipsec client ezvpn xauth" ,it connects.
And then when I see the sh run, it has this config added to it( I'm referring to the last line where it says interactive)
crypto ipsec client ezvpn IELAB
group IELAB key CISCO
username cisco password cisco
xauth userid mode interactive
When the client is not across the ASA , it works with the normal "xauth userid mode local". But across the ASA, I have to remove it and it behaves as explained above.
Can someone tell me why it might be happening?