09-18-2008 11:39 AM - edited 02-21-2020 03:00 AM
Hi ALL!
Please tell me, What must I do that my VPN between ASA and Vista work?
Win XP works good.. but Vista with the same setting on the PC side does not work...
my config:
crypto ipsec transform-set vista esp-des esp-md5-hmac
crypto ipsec transform-set vista mode transport
crypto dynamic-map l2tp-dyna 20 set transform-set vista
crypto map l2tp-map 20 ipsec-isakmp dynamic l2tp-dyna
crypto map l2tp-map interface insidecrypto isakmp enable inside
crypto isakmp policy 5
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400
crypto isakmp nat-traversal 30
group-policy l2tptest internal
group-policy l2tptest attributes
dns-server value 10.48.4.5 10.48.4.3
vpn-tunnel-protocol IPSec l2tp-ipsec
username vista password vista nt-encrypted
username employee attributes
vpn-group-policy l2tptest
tunnel-group DefaultRAGroup general-attributes
address-pool pptp-pool
authentication-server-group (inside) LOCAL
default-group-policy l2tptest
tunnel-group DefaultRAGroup ipsec-attributes
pre-shared-key vista
peer-id-validate nocheck
tunnel-group DefaultRAGroup ppp-attributes
no authentication chap
authentication ms-chap-v2
and logs in attach
09-19-2008 03:05 AM
I have a new problem, I think that phase 1 is done, but the phase 2 not.
I think that it was a isakmp policy. I adding some policy and phase 1 is done.
and when I pushing command:
sho crypto isakmp sa
ASA5550-sec(config)# sho crypto isakmp sa
Active SA: 1
Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA during rekey)
Total IKE SA: 1
1 IKE Peer: 10.48.6.3
Type : user Role : responder
Rekey : no State : MM_ACTIVE
but when I writing command :
ASA5550-sec(config)# sho crypto ipsec sa
There are no ipsec sas
what is the problem?
and the last in log I see:
%ASA-5-713068: Group = DefaultRAGroup, IP = 10.48.6.3, Received non-routine Notify message: Invalid ID info (18)
What is it mean?
logg in attach
in the configure in the fist post there is mistake. I using policy-group l2tpipsec.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide