Hi Guys,
We currently have an EZVPN setup with ASA 5505s at the remote site
and 5540s at the head end. There is a requirement to convert this VPN to
Site-to-Site as "Direct Authentication" now needs to be turned on at the
client side. We still want to authenticate the remote ASAs using xauth but
I'm being told that this is not supported by tac. It may be because I am
using a dynamic-map rather then a pure site to site tunnel at the head end but
I would like to know what you guys think. I don't understand why one version
of IKE (for EZVPN) would support xauth and another version for site-to-site
tunnels would not.
Any input is greatly appreciated.
Make a small
loan, Make a big difference - Kiva.org
________________________________
Blogs and organic groups at http://www.ccie.net
Received on Fri Sep 06 2013 - 14:46:19 ART
This archive was generated by hypermail 2.2.0 : Tue Oct 01 2013 - 06:36:35 ART