I recently picked up a new ASA 5505 to use in a new remote office and I'm having a terrible time getting to connect via EZVPN to my 2811 ISR. This is my first ASA although I have worked with PIX in the past. I have several remote 850-series routers and several windows Cisco VPN Client windows clients that have no troubles connecting.
The ASA 5505 came with OS 8.2.1 and during the troubleshooting I have upgraded it to 8.4.1, and ASDM to 6.4. All I have done is configure the inside interface subnet and DHCP and set up the ezvpn client. There are no other customizations. I enabled crypto debug vpnclient to see whats going on. What happens is that it tries to establish the tunnel and does contact the 2811 headend but it gets to the point where it prints the preshare key, hangs for a few second, then tears down the config and starts over.
Any thoughts? Like I said, I have IOS EZVPN clients and software clients using this same vpn headend and group and they all connect just fine. Its just the ASA that has a problem. I can disconnect the ASA, plug in a laptop in its place and connect to the headend router using Cisco VPN Client without any problems.