We upgraded ASR to new IOS-XE 16.9.4 Fuji and faced with new syntax of the command "isakmp authorization list <name> password <password>" under "crypto isakmp profile <name>"
In previous version, there was command "isakmp authorization list <name>" without password but in new version there is new attribute in this command: "password".
There is no documentation about new syntax, cisco hasn't updated guides about ISAKMP section in 16.9.4 version.
So could someone explain me what is the "password" and what I have to enter there?
I have resolved the issue. You can put any pass if you are using local database, it is only related if you are using external RADIUS.
We just upgraded our 4331 IOS Router to IOS-XE 16.9.4 and now have the same issue. We setup a password and this fixed our Site2Site VPNs (non-RADIUS) but our Cisco VPN Clients use RADIUS via Microsoft NPS\AD and these login connections are still failing. Any suggestions?
Please post your radius configuration from the router and also please state what radius software are you using.
Thanks for sharing. Do we have to put this password anywhere else or only in a router's config?
I'm not sure what the isakmp authorization list password is for exactly. I did set it the same as our RADIUS server - not sure if it mattered.