Hi,

I had configured a remote access vpn on an internet with xauth and i was working fine. Now, I have to add site-to site vpn on the same interface, hence the same crypto map.

Now, the site-to-site vpn is not working. After debugging, I found out that the s2s remote router were asked xauth authentication.

I have desactivated xauth and the sitetosite vpn are working.

Is there a means to allow continue to allow xauth on remote access and allow the site2site vpn to work?

Here is my configuration

crypto isakmp policy 1

encr 3des

authentication pre-share

crypto isakmp key yyyyy address x.x.x.x

crypto isakmp client configuration group myvpn

key zzzzz

pool mypool

acl 101

max-logins 3

crypto ipsec transform-set obrset esp-3des esp-md5-hmac

crypto ipsec transform-set strong esp-3des esp-sha-hmac

!        

crypto dynamic-map dynmap 10

set transform-set obrset

crypto map vpnmap client configuration address respond

crypto map vpnmap 2 ipsec-isakmp

set peer wwwww

set transform-set strong

match address 132

crypto map vpnmap 50 ipsec-isakmp dynamic dynmap

crypto map vpnmap client configuration address respond

no crypto map vpnmap client authentication list vpnaccess ################removed for s2s vpn to work

no crypto map vpnmap isakmp authorization list vpnautho ################ removed for s2s vpn to work

aaa authorization network vpnautho local

aaa authentication login vpnaccess local

Could you please help. The aim is to have the site2site vpn work without xauth and the remote access to work with xauth

Thanks,

Ashley