Working even if missing some commands - VPNclient

Hi to all

a VPNclient works fine to an 877-SEC-K9 even if the following commands are not present

aaa authentication login userauthen local aaa authorization network groupauthor local ! aaa session-id common

I thought they were essential for the VPNclient to connect. Certainly I am wrong, but I don't know why and where.

TIA, Alessandro

Reply to
AM
Loading thread data ...

Hello,

These are the AAA configuration options for local database and will only be required if you are using user authentication with VPN client crypto map client authentication list userauthen crypto map isakmp authorization list groupauthor If the above two commands are there then you would require the AAA configuration commands.

If you do not have these two commands the VPN client will not prompt the user for a username and password and only the group preshared key will do the authentication. Little security problem tho.

Check this configuration out:

formatting link
is for Configuring Cisco VPN Client 3.x for Windows to IOS Using Local Extended Authentication

AM wrote:

Reply to
Vikas

required if you are using user authentication with VPN client

configuration commands.

for a username and password and only the group preshared key will do the authentication. Little security problem tho.

That's not true, because each time I connect to the router it uses both the group and user authorization.

Maybe are those commands there present in the router by default?

formatting link
Thanks,

alex.

Reply to
AM

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.