[c-nsp] IOS VPN Client Group Issue
Thomas Beecher
tbeecher at localnet.com
Mon Aug 25 12:37:04 EDT 2008
I've come across something odd. I think that this is just a simple
oversight on my part, hopefully another set of eyes will catch this for me.
I've got a 2621 running 12.2(46a) that I'm using to terminate a few VPN
tunnels. Right now, I have three point to point tunnels up, and working
without issue. This morning, I started adding the config for VPN client
access, and that's where I've getting hung up.
Under the crypto isakmp client configuration command, I should have a
'group' option to setup the VPN group parameters. However, I do not. The
only option I have is 'address-pool' . As far as I can tell, this image
should support that command.
I'm fairly certain that I have the correct aaa commands in place to
enable group authorization, however there are some pre-existing AAA
commands on this router that could be hanging me up.
Here's the aaa config:
aaa new-model
aaa authentication login default group tacacs+ line enable
aaa authentication login rev_tel line enable
aaa authentication login userauthen local
aaa authorization network groupauthen local
Am I missing something painfully obvious here?
Thanks in advance,
Tom
More information about the cisco-nsp
mailing list