Re: turning off Xauth for Easy VPN NEM

From: Sadiq Yakasai (sadiqtanko@gmail.com)
Date: Fri Mar 06 2009 - 07:45:33 ARST

• Next message: abderrahim sadki: "advice about 3640"
• Previous message: Sadiq Yakasai: "Re: EZVPN - IP POOL"
• Maybe in reply to: Alexei Monastyrnyi: "Re: turning off Xauth for Easy VPN NEM"
• Next in thread: Alexei Monastyrnyi: "Re: turning off Xauth for Easy VPN NEM"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I was under the impression that EZVPN works inherently with xauth, but I may
have misunderstood the operation completely then. In other words, you cannot
disable xauth.

Sadiq

On Fri, Mar 6, 2009 at 8:49 AM, Alexei Monastyrnyi <alexeim73@gmail.com>wrote:

> Hi.
>
> This might help:
>
> http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080808395.shtml
>
> I believe if you would just remove the following from EzVPN server side
> *aaa authentication login userauthen local* /
> /*crypto map clientmap client authentication list userauthen
>
> And remove "** xauth userid mode interactive* " on the client side.
>
> Though I haven't labbed that myself.
>
> Alternatively you can allow clients using saved passwords and use "* xauth
> userid mode local" along with appropriate "username abc password xyz" under
> your EzVPN client configuration.
>
> Second option works fine for me. We don't have a control over EzVPN server
> side, but we asked to allow to use stored passwords and finally got read of
> software VPN client, moving EzVPN client termination to the edge router.
>
> HTH,
> *A.
>
>
> Zeeshan Sanaullah wrote:
>
>> Hello !!
>>
>> What is the method to turn Off Xauth for Easy VPN Network Extension Mode
>>
>> So that the Spoke doesnot need to enter Login Credentials.
>>
>>
>> Regards
>> Zeeshan
>>
>> _________________________________________________________________
>> Windows Live Hotmail. more than just e-mail.
>>
>> http://windowslive.com/howitworks?ocid=TXT_TAGLM_WL_t2_hm_justgotbetter_howit
>> works_022009
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>

-- 
CCIE #19963
Blogs and organic groups at http://www.ccie.net

• Next message: abderrahim sadki: "advice about 3640"
• Previous message: Sadiq Yakasai: "Re: EZVPN - IP POOL"
• Maybe in reply to: Alexei Monastyrnyi: "Re: turning off Xauth for Easy VPN NEM"
• Next in thread: Alexei Monastyrnyi: "Re: turning off Xauth for Easy VPN NEM"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Apr 06 2009 - 06:44:04 ART