Hello,
I set up a remote user vpn on a Pix last year, and now one of the users wants to trade in his Cisco VPN Client for a site-to-site vpn via his Cisco 806 router. The problem is that he has a dynamic address with his ISP, so I can't enter a specific "isakmp key *** address n.n.n.n..." for him on the Pix. Since I have Xauth configured for all the other remote users, to accompany the existing wild-card pre-shared key, I need to somehow hard-code the user id and password into his router/vpn client -- don't know if this can be done. In other words, if it could be done at the hub (Pix), I'd have two wildcard preshared keys -- one that requires xauth, and one that does not. But of course this is impossible. So the next thought is to see if the answering of Xauth prompts can be automated at the router/spoke/client. Cisco has nothing that I could find on this. Many thanks to anyone who would share some thoughts on this.
I set up a remote user vpn on a Pix last year, and now one of the users wants to trade in his Cisco VPN Client for a site-to-site vpn via his Cisco 806 router. The problem is that he has a dynamic address with his ISP, so I can't enter a specific "isakmp key *** address n.n.n.n..." for him on the Pix. Since I have Xauth configured for all the other remote users, to accompany the existing wild-card pre-shared key, I need to somehow hard-code the user id and password into his router/vpn client -- don't know if this can be done. In other words, if it could be done at the hub (Pix), I'd have two wildcard preshared keys -- one that requires xauth, and one that does not. But of course this is impossible. So the next thought is to see if the answering of Xauth prompts can be automated at the router/spoke/client. Cisco has nothing that I could find on this. Many thanks to anyone who would share some thoughts on this.