Since this is client server architecture in which we have a Cisco router as an Easy VPN Server, performing the responsibility of a server, the client end responsibility is fulfilled by: In this article we will focus on the Easy VPN server configuration required when we want IPSec policies to be pushed from a Cisco Secure Access Control Server 5.x as our RADIUS server. The IPSec policies can be configured on a RADIUS server and then downloaded to an Easy VPN server, further reducing configuration required on the Easy VPN server. This requires minimum configuration on the end-user side. This policy push is known as Mode Configuration.
The main advantage of Easy VPN is that IPSec policies are centrally managed on the server (Head end router providing IPSec feature) and are pushed to client devices. Allowing remote users to access corporate resources using IPSec on Cisco routers can be implemented with a feature called Easy VPN. There are times when you want your employees to have a secure access to your corporate network resources through your Cisco router, along with the option to centrally manage their access with easy and manageable configuration rollout on Cisco routers. Configuring Cisco Secure Access Control System 5.x for Easy VPN Group (Mode Configuration) and Xauth authentication.