Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
879
Views
0
Helpful
5
Replies

ASA5505 to PIX501 Easy VPN - no authentication?

sjhrhaskell
Level 1
Level 1

‎11-15-2010 05:44 AM

Hey gang,

I've got a working Easy VPN setup between a 5505 (server) and 501 (client) based on this config:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00808a61f4.shtml

It works fine.  But, how do I do this without requiring a username/password for the connection?  The problem is that I'm replacing a 501 server with the new 5505, and all the remote client 501s are already configured not to user a username/password.  That works fine with a 501 as the host but I'm not sure how to do it with the 5505.

Thanks!

Labels:
0 Helpful
5 Replies 5

Jitendriya Athavale
Cisco Employee
Cisco Employee

‎11-15-2010 06:57 AM

see if this helps

http://www.cisco.com/en/US/partner/products/hw/vpndevc/ps2030/products_configuration_example09186a00808a61f4.shtml


----------

oop's didnt see you used the same link

anyway so whr is the problem now

whta is your server and wht is the client

0 Helpful

sjhrhaskell
Level 1
Level 1
In response to Jitendriya Athavale

‎11-15-2010 07:04 AM

The server is the ASA5505, and the client is the PIX 501.  What I'm trying to do is eliminate the need for username/password.  I already have a bunch of remote 501s in the field configured to NOT user username/password when connecting to the current 501 server.  When I replace the host 501 with this 5505, I don't want to have to re-config the remotes.  But so far in the lab I can't get it the 5505<>501 VPN to work without username/password.

0 Helpful

Jitendriya Athavale
Cisco Employee
Cisco Employee
In response to sjhrhaskell

‎11-15-2010 07:15 AM

under the

tunnel-group xyz general-attributes

password management


under group policy xyz attributes

password-storage enable

see if that helps

0 Helpful

sjhrhaskell
Level 1
Level 1
In response to Jitendriya Athavale

‎11-15-2010 07:22 AM

No, those commands are for support of the software-based VPN desktop clients.

0 Helpful

apothula
Level 1
Level 1
In response to sjhrhaskell

‎11-15-2010 07:59 AM

Hi,

See if this part of the documentation helps.

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/ezvpn505.html#wp1010896

If this doesn't help, please provide us a santised copy of the configuration on the 5505 and 501 so that we can review the stuff and suggest a few things.


Cheers,


Nash.

0 Helpful
Customers Also Viewed These Support Documents