07-08-2015 11:55 AM
Does anyone have any information on configuring Easy VPN (EZVPN) Remote on an IOS XE device? Specifically on a 4300 series ISR. Again, I am looking for the REMOTE config, and not the SERVER config.
When I try to go into the ezvpn configuration mode, it acts like it is not available:
VPN01(config)#crypto ipsec client ?
% Unrecognized command
I am currently running an eval security license until my VAR can get me correct license:
VPN01#sh ver
Cisco IOS XE Software, Version 03.15.00.S - Standard Support Release
Cisco IOS Software, ISR Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 15.5(2)S, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2015 by Cisco Systems, Inc.
Compiled Sun 22-Mar-15 02:32 by mcpre
Cisco IOS-XE software, Copyright (c) 2005-2015 by cisco Systems, Inc.
All rights reserved. Certain components of Cisco IOS-XE software are
licensed under the GNU General Public License ("GPL") Version 2.0. The
software code licensed under GPL Version 2.0 is free software that comes
with ABSOLUTELY NO WARRANTY. You can redistribute and/or modify such
GPL code under the terms of GPL Version 2.0. For more details, see the
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
software.
ROM: IOS-XE ROMMON
VPN01 uptime is 22 hours, 33 minutes
Uptime for this control processor is 22 hours, 34 minutes
System returned to ROM by reload
System image file is "bootflash:/isr4300-universalk9.03.15.00.S.155-2.S-std.SPA.bin"
Last reload reason: Reload Command
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
Technology Package License Information:
-----------------------------------------------------------------
Technology Technology-package Technology-package
Current Type Next reboot
------------------------------------------------------------------
appx None None None
uc None None None
security securityk9 EvalRightToUse securityk9
ipbase ipbasek9 Permanent ipbasek9
cisco ISR4321/K9 (1RU) processor with 1666224K/6147K bytes of memory.
Processor board ID FLM1924W09S
10 Gigabit Ethernet interfaces
32768K bytes of non-volatile configuration memory.
4194304K bytes of physical memory.
3223551K bytes of flash memory at bootflash:.
Configuration register is 0x2102
Thanks in advance.
07-10-2015 05:07 AM
Well, I answered my own question.
Got in touch with Cisco and they stated that EZVPN Remote is not a capability on the 4321 platform. It can however do EZVPN Server (which is not what I need).
02-15-2017 02:27 PM
Hello Carl, I'm running into this same issue. Did you ever find a way around this?
02-15-2017 05:37 PM
No, EZVPN client is not supported.
02-16-2017 04:48 AM
Cisco's recommendation was to migrate to DMVPN, which did work (and fairly well), but it was still a migration process and EZVPN is no longer supported.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide