Prev: Reason 412: The remote peer is no longer responding.
Next: load balancing with a failover
From: James on 21 Feb 2006 06:18
Thanks for your help on this. As I was investigating changing the link
to the Dialer0{ATM0.1} instead of the BVI1 for the crypto map (as you
suggested) I opened the current config for the BVI1 to see how it was
setup and when I clicked OK I got this message:

"Method list for group policy lookup contains methods not supported by
Easy VPN Server" Continue: Yes/No.

The policy is set as "default" but I can't find where this is
configured so I don't know what "default" really means. Any pointers
welcome on how to config the group policy lookup. This must be the
main issue because my connection fails because no policy was selected.

From: James on 21 Feb 2006 06:24
Just discovered that I might need a TACACS or RADIUS server/group.
What on earth are these? Are they part of this router's config? Can't
disable AAA as Easy VPN requires this.

From: Merv on 21 Feb 2006 10:41
just use aaa extended local authentication

see

http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration_example09186a00801c4246.shtml


!--- Enable Authentication, Authorizing and Accounting (AAA)
!--- for user authentication and group authorization.

aaa new-model

!--- To enable X-Auth for user authentication,
!--- enable the aaa authentication commands.

aaa authentication login userauthen local


!--- To enable group authorization,
!--- enable the aaa authorization commands.

aaa authorization network groupauthor local

From: James on 6 Mar 2006 11:24
Merv,
I'm moving house at the moment plus have new router at home as last
firmware upgrade blew it - that's Belkin for you. Once up and running
again will try new settings and if no joy will start looking into
having a Cisco router at home as well...

First  |  Prev  | 
Pages: 1 2
Prev: Reason 412: The remote peer is no longer responding.
Next: load balancing with a failover