Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

asa 5505 + l2tp

Hi,

I was following the below doc to configure basic l2tp access for win XP default vpn network connection:

http://cisco.com/en/US/docs/security/asa/asa80/configuration/guide/l2tp_ips.html

l2tp config lines:

ip local pool MS-POOL 192.168.22.90-192.168.22.99

crypto ipsec transform-set MICROSOFT esp-des esp-md5-hmac

crypto ipsec transform-set MICROSOFT mode transport

crypto isakmp enable outside1

crypto isakmp nat-traversal 20

l2tp tunnel hello 50

group-policy MS-GROUP-POLICY internal

group-policy MS-GROUP-POLICY attributes

wins-server value 192.168.22.1

dns-server value 192.168.22.1

username NAME password XXXXXXXXXXXXX nt-encrypted

username NAME attributes

vpn-tunnel-protocol l2tp-ipsec

tunnel-group WIN-VPN type ipsec-ra

tunnel-group WIN-VPN general-attributes

address-pool MS-POOL

default-group-policy MS-GROUP-POLICY

tunnel-group WIN-VPN ppp-attributes

authentication ms-chap-v2

tunnel-group WIN-VPN ipsec-attributes

pre-shared-key TESTkey

WINDOWS XP:

default vpn connection + security tab->advanced option:

require encrypion + protocols MS-CHAP + MS-CHAP v2

ipsec settings -> configured pre-shared key TESTkey

win xp error: 800 unable to establish vpn connection...

The question is what lines I'm missing?

I'm trying to do the simple config similar to vpdn group..., vpdn username... on PIX

Thanks & Regards,

Pawel

1 REPLY
New Member

Re: asa 5505 + l2tp

Hi,

From the registry setting remove the value=1

Raj

138
Views
0
Helpful
1
Replies
CreatePlease login to create content