Task 4 is also optional. If XAUTH is not being used, then skip this task.
With XAUTH configured, the VPN tunnel must be initiated manually, for at
least the first time. The Cisco IOS software message shown in Figure
is displayed
because the software is waiting for a valid XAUTH username and password. This
message will be displayed whenever an administrator logs in to the remote
router console port.
Step 1 Enter the crypto
ipsec client ezvpn xauth command.
Step
2 Enter the username and password as prompted.
Which of two
options happens next is determined by the XAUTH configuration:
- With just the XAUTH feature enabled, when the SA expires, the username and
password must be re-entered manually. This process is ongoing. The same Cisco
IOS message will be displayed and the user will have to repeat this manual
process to re-authenticate each time.
- With the XAUTH password save enabled, when the SA expires, the last valid
username and password will be reused automatically. This option is the more
popular of the two.