Chapter9 Easy VPN Remote
Create Easy VPN Remote
9-80
Cisco Router and Security Device Manager Version 2.2 Users Guide
OL-4015-08

User Authentication (XAuth)

User authentication (XAuth) appears in this window if the Cisco IOS image on
the router supports Easy VPN Remote Phase III. If user authentication does not
appear, it must be set from the router command-line interface.
Choose one of these ways to enter the XAuth username and pa ssword:
Manually in a web browser window
Note The web browser option appears only if supported by the Cisco IOS
image on your router.
Manually from the command line or SDM
Automatically by saving the username and password on the router
The Easy VPN server may use XAuth to authenticate the router. If the server
allows the save password option, you can eliminate the need to enter the
username and password each time the Easy VPN tunnel is established by this
option. Enter the username and password provided by the Easy VPN server
administrator, and then reenter the password to confirm its accuracy. The
information is saved in the router configuration file and used each time the
tunnel is established.
Caution Storing the XAuth username and password in router memory c reates a security
risk, because anyone who has access to the router configuration can obt ain this
information. If you do not want this information stored on the router, do not enter
it here. The Easy VPN server will simply challenge the router for the username
and password each time the connection is established. Additionally, SDM cannot
itself determine whether the Easy VPN server allows the save password option.
You must determine whether the server allows this option. If the server does not
allow this option, you should not create a security risk by entering the information
here.
Interfaces
In this window, you specify the interfaces that will be used in the Easy VPN
configuration.