05-29-2009 07:20 AM - edited 03-11-2019 08:37 AM
I have never setup EasyVPN before. I want to setup a remote user with a 871 router and connect back to an ASA5510 running the 8.0(4) code. Can this be setup to only use pre-shared keys for authentication? The user (physician) does not want any interaction when attempting to access an internal resource (outside of the username/password combo for the applications she runs)? I followed the ASA to 871 EasyVPN setup/config example on the site but get stuck with user authentication on the router CLI. Can anyone provide assistance/sample configs? I want to use AES-256 encryption...
Thanks,
Ryan
05-29-2009 08:39 AM
Here's the config docs. I'll throw my warning out there. I have a 5520 here at the office, and I have a 5505 at the house. I run an 871 at the house, and I could NEVER get my 871 to connect to my 5520 at the office. I COULD connect my 871 to my 5505 with no problems. I believe it had something to do with "crypto isakmp identity" on our 5520, but I couldn't change it because we have multiple public IPs from different providers coming in. Ours was set to hostname. When I set mine up at the house with hostname, I could no longer connect, so crypto isakmp identity addres (I believe it's default) is the way to go it seems.
Here's the config guide:
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080809222.shtml
HTH,
John
05-29-2009 09:38 AM
Thanks for your reply. I've been using this guide but keep getting prompted at the CLI for a username and password. I was hoping that the pre-shared key would handle all authentication and avoid username/password authentication (the physician will not know how to get into the router or navigate the CLI).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide