01-26-2015 05:37 AM - edited 02-21-2020 08:02 PM
Hello,
I am interesting if it is possible to configure ISR 1941 Router as FlexVPN Server, with simple local user/password authentication, without certificate and external RADIUS server and connect with AnyConnect VPN client. Can you provide configuration templates for this kind of configuration ?
Thank you,
02-02-2015 12:59 PM
Hi
To answer your question bluntly, but 'no', for username/password (EAP) authentication a certificate is required for the headend (as mandated by the IKEv2 RFC).
There's a feature request for IOS to act as a RADIUS device, but i've seen no traction on this since I raised it..
Sorry.
Maybe you could look at using certificates and the 1941 as the CA ?
cheers
07-02-2018 05:36 AM
Hi,
I'm looking into this:
But no "luck" getting it to work.
04-03-2019 01:17 AM
im facing the same issue, i have no idea why this is not working.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: