asa 5505 + l2tp

pawelek_maly · ‎11-06-2008

Hi,

I was following the below doc to configure basic l2tp access for win XP default vpn network connection:

l2tp config lines:

ip local pool MS-POOL 192.168.22.90-192.168.22.99

crypto ipsec transform-set MICROSOFT esp-des esp-md5-hmac

crypto ipsec transform-set MICROSOFT mode transport

crypto isakmp enable outside1

crypto isakmp nat-traversal 20

l2tp tunnel hello 50

group-policy MS-GROUP-POLICY internal

group-policy MS-GROUP-POLICY attributes

wins-server value 192.168.22.1

dns-server value 192.168.22.1

username NAME password XXXXXXXXXXXXX nt-encrypted

username NAME attributes

vpn-tunnel-protocol l2tp-ipsec

tunnel-group WIN-VPN type ipsec-ra

tunnel-group WIN-VPN general-attributes

address-pool MS-POOL

default-group-policy MS-GROUP-POLICY

tunnel-group WIN-VPN ppp-attributes

authentication ms-chap-v2

tunnel-group WIN-VPN ipsec-attributes

pre-shared-key TESTkey

WINDOWS XP:

default vpn connection + security tab->advanced option:

require encrypion + protocols MS-CHAP + MS-CHAP v2

ipsec settings -> configured pre-shared key TESTkey

win xp error: 800 unable to establish vpn connection...

The question is what lines I'm missing?

I'm trying to do the simple config similar to vpdn group..., vpdn username... on PIX

Thanks & Regards,

Pawel

rajbhatt · ‎04-02-2009

Hi,

From the registry setting remove the value=1

Raj