Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

L2TP vpn on ASA with Dynamic DNS (DNS2GO)

Hi, I am facing issue with l2tp vpn on ASA. Its not coming up at all. I have one ADSL line which has got dynamic public IP. I have got DNS2GO account which gives me domain name which binds it to public ip. I am seeing vpn traffic hitting my firewall but its not completing IKE phase 1. error is attached in txt file.

Any kind of help would be appreciated. Also I tried another option not configuring l2tp on ASA. Let DNS2GO to use its own vpn feature which is like l2tp vpn. so I allowed required ports via my asa and did the port forwarding on ASA firewall so that it can forward the vpn traffic to server where dns2go software is installed but it is also not working. Anyone has done this kind of setup before ?? please let me know...


Cisco Employee

Re: L2TP vpn on ASA with Dynamic DNS (DNS2GO)


The first two instances in the debugs show that the proposals were not at all accepted. But towards the end of the file that you uploaded, I can see that the phase 1 proposals were accepted. But at the very same time debugs were disabled.

Also I see that the transform sets applied were changed to include transport mode transport mode. The first one doesn't include transport mode TS but later ones do include that.

Can you upload full debug at 255 level and the present show run output? Also, try creating one more isakmp policy:

crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 28800

CreatePlease to create content