VPN phase 2 is ok, but after ?

dufour001
Level 1

Hello,

I'm trying to connect an Android tablet (Asus Transformer) to my ASA5510 ver 8.4(2).

I successfully configured it to get "PHASE 2 COMPLETED".

But my droid gives the message "user or password incorrect" and the VPN isn't established.

I use local AAA authentication.

In the debug, I don't see anything, or I can't find the appropriate debug.

What can be wrong?

Thx

My debug:

Jan 24 16:18:56 [IKEv1 DEBUG]Group = DefaultRAGroup, IP = *.*.*.*, Generating Quick Mode Key!

Jan 24 16:18:56 [IKEv1 DEBUG]Group = DefaultRAGroup, IP = *.*.*.*, NP encrypt rule look up for crypto map dyno 10 matching ACL Unknown: returned cs_id=ad6447a0; rule=00000000

Jan 24 16:18:56 [IKEv1]Group = DefaultRAGroup, IP = *.*.*.*, Security negotiation complete for User ()  Responder, Inbound SPI = 0x634fc2c8, Outbound SPI = 0x091a27f3

Jan 24 16:18:56 [IKEv1 DEBUG]Group = DefaultRAGroup, IP = *.*.*.*, IKE got a KEY_ADD msg for SA: SPI = 0x091a27f3

Jan 24 16:18:56 [IKEv1 DEBUG]Group = DefaultRAGroup, IP = *.*.*.*, Pitcher: received KEY_UPDATE, spi 0x634fc2c8

Jan 24 16:18:56 [IKEv1 DEBUG]Group = DefaultRAGroup, IP = *.*.*.*, Starting P2 rekey timer: 24480 seconds.

Jan 24 16:18:56 [IKEv1]Group = DefaultRAGroup, IP = *.*.*.*, PHASE 2 COMPLETED (msgid=dff8cc1b)

Jan 24 16:18:56 [IKEv1]IKEQM_Active() Add L2TP classification rules: ip <*.*.*.*> mask <0xFFFFFFFF> port <28053>

%ASA-4-737013: IPAA: Error freeing address 0.0.0.0, not found

%ASA-4-113019: Group = DefaultRAGroup, Username = , IP = *.*.*.*, Session disconnected. Session Type: IPsecOverNatT, Duration: 0h:00m:02s, Bytes xmt: 803, Bytes rcv: 766, Reason: L2TP initiated

Jan 24 16:18:57 [IKEv1 DEBUG]Group = DefaultRAGroup, IP = *.*.*.*, IKE SA MM:b2bec54b rcv'd Terminate: state MM_ACTIVE  flags 0x00010042, refcnt 1, tuncnt 1

Jan 24 16:18:57 [IKEv1 DEBUG]Group = DefaultRAGroup, IP = *.*.*.*, sending delete/delete with reason message

Jan 24 16:18:57 [IKEv1 DEBUG]Group = DefaultRAGroup, IP = *.*.*.*, constructing blank hash payload

Jan 24 16:18:57 [IKEv1 DEBUG]Group = DefaultRAGroup, IP = *.*.*.*, constructing IPSec delete payload

Jan 24 16:18:57 [IKEv1 DEBUG]Group = DefaultRAGroup, IP = *.*.*.*, constructing qm hash pa

Jan 24 16:18:57 [IKEv1 DEBUG]Group = DefaultRAGroup, IP = *.*.*.*, Active unit receives a delete event for remote peer *.*.*.*.

Jan 24 16:18:57 [IKEv1 DEBUG]Group = DefaultRAGroup, IP = *.*.*.*, IKE Deleting SA: Remote Proxy *.*.*.*, Local Proxy 192.168.96.2

Jan 24 16:18:57 [IKEv1 DEBUG]Group = DefaultRAGroup, IP = *.*.*.*, IKE SA MM:b2bec54b terminating:  flags 0x01010002, refcnt 0, tuncnt 0

Jan 24 16:18:57 [IKEv1 DEBUG]Group = DefaultRAGroup, IP = *.*.*.*, sending delete/delete with reason message

Jan 24 16:18:57 [IKEv1 DEBUG]Group = DefaultRAGroup, IP = *.*.*.*, constructing blank hash payload

Jan 24 16:18:57 [IKEv1 DEBUG]Group = DefaultRAGroup, IP = *.*.*.*, constructing IKE delete payload

Jan 24 16:18:57 [IKEv1 DEBUG]Group = DefaultRAGroup, IP = *.*.*.*, constructing qm hash payload

Jan 24 16:18:57 [IKEv1 DEBUG]Pitcher: received key delete msg, spi 0x634fc2c8

Jan 24 16:18:57 [IKEv1 DEBUG]Pitcher: received key delete msg, spi 0x634fc2c8

Jan 24 16:18:57 [IKEv1]Group = DefaultRAGroup, IP = *.*.*.*, Session is being torn down. Reason: L2TP initiated

Jan 24 16:18:57 [IKEv1]Ignoring msg to mark SA with dsID 401408 dead because SA deleted

8 Replies

andrew.prince
Level 10

In your post there is:

%ASA-4-113019: Group = DefaultRAGroup, Username = , IP = *.*.*.*, Session disconnected. Session Type: IPsecOverNatT, Duration: 0h:00m:02s, Bytes xmt: 803, Bytes rcv: 766, Reason: L2TP initiated

Check config of the ASA and the remote device.

Yes, but what should I check?

I don't see the problem.

You're trying to establish an IPSec session but for some reason it looks like the phone or the ASA (likely the phone) is also trying to establish an L2TP connection once the tunnel is up. The IPsec session doesn't understand L2TP so it terminates the connection.

I'm trying an "L2TP/IPsec PSK" connection.

I think it's normal that there are both L2TP and IPsec?

Maybe someone else has other input but I've never seen those two used together.

It may be normal for the phone, but the ASA will not accept an L2TP connection without a valid profile. Since your phone is trying an IPsec session, and this type of profile is configured, you will only get so far.

Again - check your configuration.

Once IPsec establishes, L2TP will negotiate parameters.

Check "debug aaa common 100" and the L2TP + PPP debugs on the ASA to know a bit more. It might as well be an authentication problem, as prompted on your phone.

Thx,

it's OK now.

The PPP authentication type was wrong.

Must be set to PAP. (Cisco documentation for Android says that we must use CHAP or MS-CHAP and not PAP ...)
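The thread's diagnosis (IPsec phase 2 up, session then torn down "L2TP initiated" with an empty Username, pointing at PPP authentication) can be automated for triage. The following is an added example, not code from the thread or from Cisco; it assumes a constructed sample modelled on the debug output quoted above and the standard %ASA-4-113019 message format.

```python
import re

# Constructed sample, modelled on the debug output quoted in this thread
# (peer IP masked as in the original post).
SAMPLE_DEBUG = """\
Jan 24 16:18:56 [IKEv1]Group = DefaultRAGroup, IP = *.*.*.*, PHASE 2 COMPLETED (msgid=dff8cc1b)
Jan 24 16:18:56 [IKEv1]IKEQM_Active() Add L2TP classification rules: ip <*.*.*.*> mask <0xFFFFFFFF> port <28053>
%ASA-4-737013: IPAA: Error freeing address 0.0.0.0, not found
%ASA-4-113019: Group = DefaultRAGroup, Username = , IP = *.*.*.*, Session disconnected. Session Type: IPsecOverNatT, Duration: 0h:00m:02s, Bytes xmt: 803, Bytes rcv: 766, Reason: L2TP initiated
Jan 24 16:18:57 [IKEv1]Group = DefaultRAGroup, IP = *.*.*.*, Session is being torn down. Reason: L2TP initiated
"""

# Fields of the ASA session-disconnect syslog (%ASA-4-113019).
DISCONNECT_RE = re.compile(
    r"%ASA-4-113019: Group = (?P<group>[^,]+), Username = (?P<user>[^,]*), "
    r"IP = (?P<ip>[^,]+), .*?Duration: (?P<dur>[^,]+), .*?Reason: (?P<reason>.+)$"
)


def triage(debug_text):
    """Classify where an L2TP/IPsec remote-access attempt failed.

    Returns the facts found in the debug plus a one-line verdict.
    """
    facts = {"phase2": False, "l2tp_rules": False, "disconnect": None}
    for line in debug_text.splitlines():
        if "PHASE 2 COMPLETED" in line:
            facts["phase2"] = True
        elif "Add L2TP classification rules" in line:
            facts["l2tp_rules"] = True
        else:
            m = DISCONNECT_RE.search(line)
            if m:
                d = m.groupdict()
                d["user"] = d["user"].strip()   # empty when no PPP user was authenticated
                facts["disconnect"] = d
    d = facts["disconnect"]
    if not facts["phase2"]:
        facts["verdict"] = "IKE/IPsec did not complete: look at IKE phase 1/2 debugs"
    elif d and d["reason"].startswith("L2TP initiated") and d["user"] == "":
        facts["verdict"] = ("IPsec up, torn down by L2TP with no authenticated user: "
                            "check PPP authentication (debug aaa / l2tp / ppp)")
    elif d:
        facts["verdict"] = f"IPsec up, disconnected: {d['reason']}"
    else:
        facts["verdict"] = "IPsec up, no disconnect seen"
    return facts


if __name__ == "__main__":
    for key, value in triage(SAMPLE_DEBUG).items():
        print(f"{key}: {value}")
```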