Hi all I am trying to understand the purpose of *"isakmp ikev1-user-authentication".*
When a tunnel-group is configured for *"isakmp ikev1-user-authentication"*, then the ASA first authenticates itself by presenting a cert and then the client is prompted for username/password. Am I right? As per the guidelines and the O/P, both trustpoint and pre-shared are required for isakmp ikev1-user-authentication. Why is pre-shared key mandatory? Can't cert be used for the ISAKMP authentication Please clarify. asa2(config-tunnel-ipsec)# isakmp ikev1-user-authentication hybrid ERROR: Add a valid pre-shared key to configure Hybrid Auth. asa2(config-tunnel-ipsec)# isakmp ikev1-user-authentication hybrid ERROR: Add a valid trust point to configure Hybrid Auth. With regards Kings
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
