Documentations claims that too but I always these three only. Even, if you remove Service-Type=”Outbound”, it will work.
IETF A/V Pairs Required ------------------------- Service-Type=”Outbound” Tunnel-Type=”IP ESP” Tunnel-Password=”PSK" With regards Kings On Wed, Mar 21, 2012 at 11:47 AM, Joe Astorino <[email protected]>wrote: > Hello, > > I was labbing this up today with an IOS EZVPN server. I have a simple > question. Documentation suggests that we are REQUIRED to have a few > specific Cisco A/V pairs defined as well as specific IETF A/V pairs > with our base configuration. Notably: > > IETF A/V Pairs Required > ------------------------- > > Service-Type=”Outbound” > Tunnel-Type=”IP ESP” > Tunnel-Password=”PSK" > > Cisco AV Pairs Required > ------------------------ > > ipsec:tunnel-type=ESP > ipsec:key-exchange=IKE > > > When configuring this feature, I totally skipped defining the > "required" Cisco AV pairs above. I only defined the IETF pairs, then > put the rest of my normal EZVPN group configuration under the Cisco AV > Pairs (ipsec:inacl, ipsec:addr-pool, etc...). This seemed to work > just fine, so I am wondering about this. It does not seem like you > must configure the Cisco AV pairs that are said to be required. Is > this correct, and if so why? > > -- > Regards, > > Joe Astorino > CCIE #24347 > http://astorinonetworks.com > > "He not busy being born is busy dying" - Dylan > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
