Have you this in your config?
aaa authentication login xauth local aaa authorization network groupauth local From: [email protected] [mailto:[email protected]] On Behalf Of Nick Montante Sent: Saturday, February 05, 2011 11:56 PM To: [email protected] Subject: [OSL | CCIE_Security] Legacy IOS EasyVPN Hello all, I am going through several possible configurations for EasyVPN and I am currently trying to configure auto connect with saved password on the client. After configuring the server configuration group to allow for clients to save their XAUTH password, I am still receiving this error on two separate clients: *Mar 1 04:44:46.618: EZVPN(ez) Server does not allow save password option, enter your username and password manually *Mar 1 04:44:46.622: EZVPN(ez): *** Logic Error *** *Mar 1 04:44:46.626: EZVPN(ez): Current State: READY *Mar 1 04:44:46.626: EZVPN(ez): Event: MODE_CONFIG_REPLY *Mar 1 04:44:46.630: EZVPN(ez): Resetting the EZVPN state machine to recover[OK] R3# *Mar 1 04:44:46.646: %CRYPTO-6-EZVPN_CONNECTION_DOWN: (Client) User= Group=ezgroup Client_public_addr=10.123.0.3 Server_public_addr=10.123.0.1 Server configuration looks like this: username cisco password 0 cisco ! crypto isakmp policy 10 encr 3des authentication pre-share group 2 ! crypto isakmp client configuration group ezgroup key cisco pool ezpool save-password ! crypto ipsec transform-set myset esp-3des esp-sha-hmac ! crypto dynamic-map dynmap 10 set transform-set myset ! crypto map clientmap client authentication list xauth crypto map clientmap isakmp authorization list groupauth crypto map clientmap 10 ipsec-isakmp dynamic dynmap ! ip local pool ezpool 10.1.100.101 10.1.100.105 Client configuration looks like this: crypto ipsec client ezvpn ez connect auto group ezgroup key cisco mode network-plus peer 10.123.0.1 username cisco password cisco xauth userid mode local Are legacy EasyVPN Remotes (IOS) not allowed to save their XAUTH password? Is this reserved for software clients? Thanks, ___ Nick Montante Sr. Network / Systems Engineer CLARKWESTERNTM Building Systems, Inc. 6110 US HWY 129 N Pendergrass, GA 30567 V (706) 693-3038 M (706) 372-6635 CCNA, CCSP, MSCE+S This communication is the property of CLARKWESTERN Building Systems,Inc. and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply and destroy all copies of the communication and any attachments.
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
