Hi folks, I was hoping someone might be able to suggest what I may be doing wrong here. My ASA5505 8.2(2) is configured for remote VPN access using L2TP over IPsec. Phases 1 and 2 complete correctly but authentication fails. When I debug LDAP while trying to establish the VPN, I get this:  Session Start  New request Session, context 0xd82eda50, reqType = Authentication  Fiber started  Failed: The username or password is blank  Fiber exit Tx=0 bytes Rx=0 bytes, status=-3  Session End Resetting 172.20.0.3's numtries ERROR: Invalid password I don't understand where the 'username or password is blank' error comes from, as neither is blank. When I test the same server entry using the built-in 'test aaa-server authentication' command it all works fine! Some snips of config: aaa-server x protocol ldap aaa-server x (inside) host 172.20.0.3 timeout 5 server-port 389 ldap-base-dn dc=x,dc=local ldap-scope subtree ldap-naming-attribute sAMAccountName ldap-login-password ***** ldap-login-dn cn=uid,cn=users,dc=x,dc=local tunnel-group DefaultRAGroup general-attributes address-pool clientVPNpool authentication-server-group x default-group-policy DefaultRAGroup Any assistance would be greatly appreciated. Thanks, Philip
I have this problem too.
Correct Answer by Dileep Sivadas ... about 6 years 10 months ago
Only PAP authentication is supported if you configure LDAP server for authentication.
Change authentication to PAP and try.
tunnel-group DefaultRAGroup ppp-attributes
Check this Link