I was trying to setup easyvpn server and L2L cpn on the same ios router. When an L2L tunnel would try to establish, it would try to use xauth as this was applied to the crypto map. To fix this I created a separate isakmp profile using xauth and only applied it to the vpn group for easyvpn. Just wondering if this is the correct way to handle this, or if there is any other way (recommended or not)
crypto isakmp policy 10 encr 3des hash md5 authentication pre-share group 2 crypto isakmp key cisco address 172.16.115.1 crypto isakmp client configuration group vpngroup key cisco pool vpnpool save-password crypto isakmp profile isakmp_dynamic match identity group vpngroup client authentication list vpn isakmp authorization list vpn client configuration address respond crypto ipsec transform-set trans1 esp-3des esp-md5-hmac crypto dynamic-map dynmap 10 set transform-set trans1 reverse-route crypto map mymap 10 ipsec-isakmp set peer 172.16.115.1 set transform-set trans1 match address vpn crypto map mymap 50 ipsec-isakmp dynamic dynmap
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
