Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA 5520 7.2 vs. win7 L2TP over IPSec

Hi,

i set up remote access VPN connection from windows server 2003 against ASA 5520 using a pre-shared key. I used a L2TP over IPSec method. This work fine, when i use a md5 authentication, but as i found Windows 2003 is not working with SHA authentication.

But when i use a Microsoft Windows7 client to conect to ASA it is not working aganst md5. In ASA logs is statement "All SA proposals found unacceptable". I found that is a problem with authentication but changing to SHA is not working too.

Have someone idea how to configure ASA and Microsoft windows 7 client together? 

Win7 client was configured like this:

data encryption-->Require encryption

Allow these protocols-->Microsoft CHAP version 2

I attached my config with SHA.

Many Thanks.

Lubo.

2 REPLIES
Super Bronze

Re: ASA 5520 7.2 vs. win7 L2TP over IPSec

Try to configure more than 1 isakmp policy as follows:

crypto isakmp policy 20
authentication pre-share
encryption 3des
hash md5
group 1
lifetime 86400

crypto isakmp policy 30
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400

crypto isakmp policy 40
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400

If it still doesn't work, please kindly run "debug cry isa" and "debug cry ipsec" and gather the output to see where it's failing. Thanks.

New Member

Re: ASA 5520 7.2 vs. win7 L2TP over IPSec

Hi,

i added new policies to configuration but conection is unsuccessfull again.In attachcement is a output from debug command. Output from Win7 client is in attachement too.

I think most important line is  All IPSec SA proposals found unacceptable!.

Thanks,

Lubos.

699
Views
0
Helpful
2
Replies