I configure my EZVPN server using VTI. The client is an IOS in client mode across an ASA. It does not connect.
When I remove the command "xauth userid mode local", and run the "crypto ipsec client ezvpn xauth" ,it connects.
And then when I see the sh run, it has this config added to it( I'm referring to the last line where it says interactive)
crypto ipsec client ezvpn IELAB connect auto group IELAB key CISCO local-address FastEthernet0/0 mode client peer 18.104.22.168 username cisco password cisco xauth userid mode interactive
When the client is not across the ASA , it works with the normal "xauth userid mode local". But across the ASA, I have to remove it and it behaves as explained above.
Can someone tell me why it might be happening?