Hi Erik, Try this:
aaa authentication login LOCAL_AUTH local >>> keeps your SSH & Telnet working aaa authorization network VPN_LOCAL_AUTH local >>>> for Xauth crypto map REMOTE_VPN client authentication list LOCAL_AUTH crypto map REMOTE_VPN isakmp authorization list VPN_LOCAL_AUTH Create dynamic crypto map for the L2L: ********************************************** crypto dynamic-map REMOTE_MAP 1 set transform-set STRONG-AES reverse-route Let the Remote Access VPNs come first: ********************************************** crypto map REMOTE_VPN 1 ipsec-isakmp Then proceed with a dynamic map: ********************************************** crypto map REMOTE_VPN 120 ipsec-isakmp dynamic REMOTE_MAP Apply crypto map on the interface. Kind regards, Bernard On 2 February 2012 06:28, Erik Sundberg <[email protected]> wrote: > Does anyone have an example of a Cisco Router that has a L2L VPN and a Remote > Access VPN with xAuth? > > I can get one or the other working, but not both. For some reason the L2L VPN > want to use XAuth cause it not to work. > > Just need the crypt * and the aaa * commands. > > Thanks > > Erik > > > > ________________________________ > CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files or > previous e-mail messages attached to it may contain confidential information > that is legally privileged. If you are not the intended recipient, or a > person responsible for delivering it to the intended recipient, you are > hereby notified that any disclosure, copying, distribution or use of any of > the information contained in or attached to this transmission is STRICTLY > PROHIBITED. If you have received this transmission in error please notify the > sender immediately by replying to this e-mail. You must destroy the original > transmission and its attachments without reading or saving in any manner. > Thank you. > _______________________________________________ > cisco-nsp mailing list [email protected] > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ -- Bernard Wanyama Technical Manager SYNTECH ASSOCIATES Ltd Kampala, Uganda Cell: +256 712 193979 Fixed: +256 414 251591 Web: www.syntechug.com Email: [email protected] _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
