The following restrictions apply to Cisco Easy VPN:
?– No manual Network Address Translation (NAT) or Port Address Translation (PAT)
con?¬?guration is allowed.
??” Cisco Easy VPN Remote automatically creates the appropriate NAT or
PAT con?¬?guration for the VPN tunnel.
?– Only one destination peer is supported.
??” Cisco Easy VPN Remote supports the con?¬?guration of only one
destination peer and tunnel connection.
??” If an application requires the creation of multiple VPN tunnels, you must
manually con?¬?gure the IPsec VPN and NAT and PAT parameters on both
the remote client and server.
?– Cisco Easy VPN requires destination servers.
??” Cisco Easy VPN Remote requires that the destination peer be a Cisco
Easy VPN remote-access server.
?– Digital certi?¬?cates are not supported.
??” Authentication is supported using pre-shared keys (PSK).
??” Extended Authentication (XAUTH) can also be used in addition to PSKs
to provide user-level authentication in addition to device-level
authentication.
?– Only Internet Security Association and Key Management Protocol (ISAKMP) policy
group 2 is supported on IPsec servers.
??” Cisco VPN Client and server support only ISAKMP policies that use
group 2 (1024-bit Dif?¬?e-Hellman [DH]) Internet Key Exchange (IKE)
negotiation.
Pages:
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452