Showing results for 
Search instead for 
Did you mean: 
Clifford McGlamry
Rising star

EZVPN Client on 4331 or 4431?

I have a customer who has a very nicely working setup with a Cisco 2951 running as an EZVPN client to a head end.  Because the 2951 is EOL, the customer is being pushed to replace this with a currently supported product.  


In looking at the datasheet for the 4000 series routers, it SAYS that they support EZVPN under the security package.   


I have a 4431 on the shelf, and I booted it up and turned on the security package, but the command:

crypto ipsec client ezvpn ....     is missing.  


Is EZVPN client mode supported on any of the currently supported Cisco Routers?


Leonid Voronkin
VIP Collaborator

As I know Cisco isr 4000 does not work as EZVPN client. Only as a server. No one configuration guide does not consist information about client configuration

Если ответ понравился, ставь звёздочку. Если ответ помог решить твою проблему, утверди его в качестве решения

Is there any current production Cisco Router that supports EZVPN as a client?

The 870 routers can function as client.

You are right, they are EoL. EzVPN is considered (very) legacy. What are you after ? Consider FlexVPN as the successor...

In this particular case, we are being pushed to address this by the provider (who is a government organization). They provided the VPN (EZVPN), and they are the ones pushing us to get supported equipment in place.

It's kind of a catch 22, and I think the ultimate answer is that they will have to provide an updated access method.



check the 'Availability' section in the Q&A linked below. All of the routers that support the EZVPN server functionality are EoL. A good argument for going for something more modern, especially in the context of government operations, would be security risks related to outdated technology. That is usually an argument nobody can disregard.