L2tp microsoft client and ASA

bsnell · ‎03-09-2009

when using the microsoft L2TP client with the username@tunnelgroup attribute the ASA does not parse the username and group it fails on username and password. I am using the local database for testing. Is this a bug or could I be missing something in the configuration as this part is straight forward.

tunnel-group cisco type remote-access

tunnel-group cisco general-attributes

address-pool ciscotest

default-group-policy cisco

tunnel-group cisco ipsec-attributes

pre-shared-key *

group-policy cisco attributes

dns-server value 4.2.2.2

vpn-tunnel-protocol l2tp-ipsec

username test password DLaUiAX3l78qgoB5c7iVNw== nt-encrypted privilege 0

username test attributes

vpn-group-policy cisco

group-lock value cisco

on client test@cisco as the user name

Any thoughts

Thanks

Report Inappropriate Content · ‎03-15-2009

The security appliance does not establish an L2TP/IPsec tunnel with Windows 2000 if either Cisco VPN Client 3.x or Cisco VPN 3000 Client 2.5 is installed. Disable the Cisco VPN service for Cisco VPN Client 3.x, or the ANetIKE service for Cisco VPN 3000 Client 2.5 from the Services panel in Windows 2000. In order to do this choose Start > Programs > Administrative Tools > Services, restart the IPsec Policy Agent Service from the Services panel, and reboot the machine.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807213a7.shtml