Configuring VPN Client to Site IPSec IKEv1 PSK XAuth on Firepower 1010

doralex2003
Level 1

Hi!

I want to configure VPN Client to Site IPSec IKEv1 PSK XAuth on a Firepower 1010 NGFW and I have some questions:

1. Do I need RADIUS server for authentication?

2. Do I need an AnyConnect License for VPN Client to Site IPSec IKEv1 PSK XAuth? I have only a Basic License that came with the router.

3. Can I find a person here who can help me with the configuration?

Thank you


@doralex2003 IKEv1/XAUTH remote access VPN is not supported.

For Remote Access VPN you can use either TLS or IKEv2/IPSec.

XAuth is old; new is using EAP-aggregate for AnyConnect IKEv2 RA VPN.

MHM

doralex2003
Level 1

I am new to Firepower. I have an RV160W and I want to make a new VPN on a Firepower 1010 NGFW. I don't have a RADIUS server, so I am looking for a configuration that works with ShrewSoft and Local Authentication. I can't download from Cisco; I need an account.

I write here for help. I am a home user; I only have a router and a Dell R730 server that I want to access remotely from anywhere.

I am looking for the best but easy-to-configure (low-cost) VPN.

@doralex2003 below is the FDM remote access VPN guide - https://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/215532-configure-remote-access-vpn-on-ftd-manag.html

You can create local users on FDM so you don't need to use RADIUS or LDAP/AD authentication.

You will need an AnyConnect/Secure Client VPN license; without this license you will not be able to use Remote Access VPN.

 

1. Where do I get the client certificate? Can I generate one like on my old RV160, a self-signed certificate?

2. I can't download AnyConnect. I receive this message: "Service Contract Required" and I don't have a contract. These days I am searching for an AnyConnect License (L-AC-PLS-3Y-S1). After licensing, will I be able to download the software, or is that a separate license?

Thank you.

@doralex2003 the device would have a self-signed certificate already, or use Google to find a free SSL certificate - SSL for Free or Let's Encrypt.

You won't be able to download AnyConnect/Secure Client until you are licensed appropriately. Once you have done that, the FDM would need to be registered to Smart Licensing.