Hi,
I had configured a remote access vpn on an internet with xauth and i was working fine. Now, I have to add site-to site vpn on the same interface, hence the same crypto map.
Now, the site-to-site vpn is not working. After debugging, I found out that the s2s remote router were asked xauth authentication.
I have desactivated xauth and the sitetosite vpn are working.
Is there a means to allow continue to allow xauth on remote access and allow the site2site vpn to work?
Here is my configuration
crypto isakmp policy 1
encr 3des
authentication pre-share
crypto isakmp key yyyyy address x.x.x.x
crypto isakmp client configuration group myvpn
key zzzzz
pool mypool
acl 101
max-logins 3
crypto ipsec transform-set obrset esp-3des esp-md5-hmac
crypto ipsec transform-set strong esp-3des esp-sha-hmac
!
crypto dynamic-map dynmap 10
set transform-set obrset
crypto map vpnmap client configuration address respond
crypto map vpnmap 2 ipsec-isakmp
set peer wwwww
set transform-set strong
match address 132
crypto map vpnmap 50 ipsec-isakmp dynamic dynmap
crypto map vpnmap client configuration address respond
no crypto map vpnmap client authentication list vpnaccess ################removed for s2s vpn to work
no crypto map vpnmap isakmp authorization list vpnautho ################ removed for s2s vpn to work
aaa authorization network vpnautho local
aaa authentication login vpnaccess local
Could you please help. The aim is to have the site2site vpn work without xauth and the remote access to work with xauth
Thanks,
Ashley