
Xauth on pix 506E

sjhloco
Level 1

Hi,

Does anyone know if it is possible to enable Xauth on PIX? I have read multiple threads about using the following cmds:

username test123 password testing privilege 2

aaa-server LOCAL protocol local

crypto map mycrypto client authentication LOCAL

However, the f/w won't let me add the crypto map cmd; it just comes back with the following:

PIX(config)# c.rypto map mycryptomap client authenication LOCAL

Usage:  [ show ] crypto { ca | dynamic-map | ipsec | isakmp | map | sa } ...

        show crypto engine [verify]

        [ show | clear ] crypto interface [counters]

Being a PIX, I can't get any more help from it. I also tried the following, but they don't work and I am not sure if they are meant for Xauth since I was under the impression that it had to be enabled globally.

PIX(config)# vpngroup test authentication-server LOCAL

Protocol "local" is not supported for authentication of remote users of a h/w client

PIX(config)# vpngroup test user-authentication       

Please configure an authentication server before enabling user authentication.

These are the details of the f/w:

Cisco PIX Firewall Version 6.3(5)

Cisco PIX Device Manager Version 3.0(4)

Hardware:   PIX-506E, 32 MB RAM, CPU Pentium II 300 MHz

Flash E28F640J3 @ 0x300, 8MB

BIOS Flash AM29F400B @ 0xfffd8000, 32KB

This PIX has a Restricted (R) license.

Has anyone encountered this problem or know how to fix it? Everything I read on the Internet and in past threads suggests that the crypto map cmd should work, so I can't understand why the firewall won't take it.

Thanks

3 Replies

Patrick0711
Level 3

Remove the AAA server configuration and try entering the command on the crypto map. Also, you don't need to specify an authentication-server group in the vpngroups.

rizwanr74
Level 7

Here is a link below from Cisco Docs; it will guide you all the steps of the way.

http://www.cisco.com/en/US/docs/security/pix/pix63/configuration/guide/basclnt.html

thanks

Rizwan Rafeek

sjhloco
Level 1

I gave up on this; after trying everything, I could never get it to work. It was easier and better for my sanity to upgrade to an ASA.