When an Easy VPN Remote client initiates a connection with an Easy VPN
Server gateway, the conversation that occurs between the peers generally
consists of the following major steps:
- Device authentication via ISAKMP
- User authentication using IKE Extended Authentication (XAUTH)
- VPN policy push, when using mode configuration
- IPSec Security Association (SA) creation
The following is a detailed description of the Easy VPN Remote
connection process
:
Step 1 The VPN Client initiates the IKE Phase 1
process.
Step 2 The VPN Client establishes an
ISAKMP SA.
Step 3 The Easy VPN Server accepts
the SA proposal.
Step 4 The Easy VPN Server
initiates a username/password challenge.
Step 5
The mode configuration process is initiated.
Step
6 The Reverse Route Injection (RRI) process is initiated.
Step 7 IPSec quick mode completes the
connection.