All, I was trying to lab this and used the 12.4 doc example to map to my setup. But for some reason I could not get this to work without the "crypto isakmp identity dn" on the server.
I could do an EZVPN server to remote with two IOS devices with certs and did not need to set the identity dn on the routers. Is it safe to assume that if it is not IOS to IOS we need to explicitly set the isakmp identity dn on the server side especially for per user PKI? -Srikant
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
