cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4969
Views
0
Helpful
2
Comments
TCC_2
Level 10
Level 10

Core issue

This issue is due to the presence of Cisco bug ID CSCsh75977.

In this issue, after a reboot of the PIX or ASA firewall, the Easy VPN Remote tunnel does not open. At boot time, the firewall displays an error on the console similar to this:

.* Remove 'aaa authentication listener' configuration

CONFIG CONFLICT: Configuration that would prevent successful Cisco Easy VPN Remote operation has been detected, and is listed above. Please resolve the above configuration conflict(s) and re-enable.


The
show running-config command shows that two or more aaa authentication listener commands are added automatically, and that the vpnclient enable command is removed.

The defect only occurs if the interface used by VPN Remote is configured with a dynamic IP address, which is either Dynamic Host Control Protocol (DHCP) or Point-to-Point over Ethernet (PPoE).

Resolution

The workaround for this issue is to remove the aaa authentication listener command, then issue the vpnclient enable command in configuration mode.

In order to completely resolve this issue, downgrade the PIX/ASA to version 7.2(1) or upgrade to version 7.2(2.14) and later.

Refer to Cisco Downloads in order to download the suggested PIX/ASA software versions.

Comments
caid-iops
Level 1
Level 1

I experience this problem on a ASA 5505 running 8.2(1).

RAINER PARZER
Level 1
Level 1

Will this bug be fixed in one of the future releases??

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: