
L2TP/IPSEC VPN to ASA

alraycisco
Level 1

Hi,

I have configured my ASA, which is already set up for site-to-site VPNs and client access VPN using the Cisco Client, for L2TP/IPSEC VPN access. However, I am unable to connect from a Windows client. Below is my config, and I've attached a copy of the debug. Please could you help?

crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set CLIENT_ESP_3DES_MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set CLIENT_ESP_3DES_MD5 mode transport
crypto dynamic-map vpnmap_dynmap 40 set transform-set ESP-3DES-SHA
crypto dynamic-map vpnmap_dynmap 50 set transform-set CLIENT_ESP_3DES_MD5
crypto map vpnmap 65535 ipsec-isakmp dynamic vpnmap_dynmap
crypto map vpnmap interface outside2
crypto isakmp identity address
crypto isakmp enable outside2
crypto isakmp policy 5
 authentication pre-share
 encryption 3des
 hash md5
 group 2
 lifetime 86400
crypto isakmp policy 10
 authentication pre-share
 encryption des
 hash md5
 group 1
 lifetime 86400
crypto isakmp policy 30
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 28800
crypto isakmp policy 40
 authentication pre-share
 encryption des
 hash md5
 group 2
 lifetime 86400
crypto isakmp policy 60
 authentication pre-share
 encryption 3des
 hash md5
 group 1
 lifetime 86400
crypto isakmp policy 80
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
crypto isakmp policy 65535
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
crypto isakmp nat-traversal 30
group-policy DefaultRAGroup internal
group-policy DefaultRAGroup attributes
 wins-server value X.X.X.X
tunnel-group DefaultRAGroup general-attributes
 authentication-server-group RADIUSAUTH
 default-group-policy DefaultRAGroup
 dhcp-server DHCP_SERVER
tunnel-group DefaultRAGroup ipsec-attributes
 pre-shared-key *
 isakmp ikev1-user-authentication (outside2) none
tunnel-group DefaultRAGroup ppp-attributes
 no authentication ms-chap-v1
 authentication ms-chap-v2

2 Replies

Marwan ALshawi
VIP Alumni

What I suggest is to have a look at the following nice example that configures L2TP/IPsec on an ASA with a Windows PC. It will guide you step by step, and check it against your config as well.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807213a7.shtml

Good luck.

If helpful, rate.

Having gone through the config, the only changes I made to my config were to add 'vpn-tunnel-protocol l2tp-ipsec' in group-policy DfltGrpPolicy attributes and to remove 'isakmp ikev1-user-authentication (outside2) none'. This now results in 'Tunnel Rejected: Conflicting protocols specified by tunnel-group and group-policy' in the debugs.
