Hello Kings, Thanks for the link. This has been my understanding till date. I think it's wrong, but here i go anyways :
- *xauth * -> Here, after the IKE Phase 1 exchange and after the proposal has been accepted, the ASA prompts the user for entering a username and a password for the xauth process. - *none *-> Here, the ASA does'nt prompt the user for xauth but instead looks into the user's certificate to fetch the credentials which can act as the xauth username/password. - *hybrid *-> No clue, but looks like the ASA follows both option1 and 2? Cheers, TacACK
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
