0 Replies Latest reply: May 2, 2012 5:39 PM by vikram parmar RSS

    Strange IOS EZVPN client behaviour!!!

    vikram parmar

      I configure my EZVPN server using VTI. The client is an IOS in client mode across an ASA. It does not connect.

       

      When I remove the command "xauth userid mode local", and run the "crypto ipsec client ezvpn xauth" ,it connects.

       

      And then when I see the sh run, it has this config added to it( I'm referring to the last line where it says interactive)

       

      crypto ipsec client ezvpn IELAB
      connect auto
      group IELAB key CISCO
      local-address FastEthernet0/0
      mode client
      peer 132.8.29.2
      username cisco password cisco
      xauth userid mode interactive

       

      When the client is not across the ASA , it works with the normal "xauth userid mode local". But across the ASA, I have to remove it and it behaves as explained above.

       

      Can someone tell me why it might be happening?

       

      Thanks,

      Vikram Parmar