@balaji.bandithanks, the firewall is already disabled, and pptp inspection is already enable, i can connect through pptp vpn from the other networks, but when i am trying to connect through L2TP its giving me the above error on cisco asa, and on the host machine which is connecting vpn the error given below

the L2TP connection attempt failed because the security layer encountered a processing error during intitial negotiation with the remote computer,

until we get deep logs hard to asses what is wrong here - we need more information and Logs - until we see full logs we are not sure waht is failed,

post ASA  full logs from the start to end of initiation, also see if we can get any Logs in windows event viewer

provide - show run from ASA ( tell us what is the Windows Server IP address)

@balaji.bandihi there, i have replaced my outside IP with 1.1.1.1 in this config file and rest are the same settings, and my vpn server IP is 192.168.2.5 which is created as an object called VPN-Client, attached file is for the config file. please check and tell me what is missing.

when i am trying to connect from outside through L2TP its giving me error (The L2TP connection attempt failed because the security layer encountered a processing error during intitial negotiation with the remote computer)

when i am seeing in the firewall monitor log i am getting different error which is given below for your kind consideration.

please check and help me.

just to clarify is this LAB or real deployment ?  why i have asked 1.1.1.1 IP address not commonly we see for DSL ot ISP provider IP address ?

this configuration is from the real deployment, i have saved these settings from my firewall and pasted it here. and i have replaced my ISP IP with the 1.1.1.1 named Outside-Fiberlink, and the one replaced with 2.2.2.2 is for the peer ip for my site-to-site vpn which i believe is not concerned in this scenario.

@balaji.bandi  any hope for me ?

@balaji.bandi  seems like there is no solution for this thing,

@balaji.bandi

main thing which is confusing me, do i have to allow the UDP ports 1701, 500, 4500. or TCP ports 1701,500,4500

please also do let me know. and i have also permit the AH and ESP services as well in the Acl.

when i have added TCP ports 1701,500,4500 in ACL and NAT rules for thse TCP ports the error is different which is given below.

but when i have added the UDP ports 1701, 500, 4500 in ACL permit, and in NAT rules with the same UDP ports, the error is different which is also given below.

i am confused which ports i should use to allow L2TP, i have tried both TCP and UDP. but in both i am unlucky

These ports required to allow :

500, 4500, 1701

i will review the config later - I am a bit confused about your IP address, is this IP address real or removed from orginal to 1.1.1.1 2.2.2.2 5.5.55. 7.7.7,7

what you see the logs on windows server ?

i have replaced these IP's with real IP's . and i have allowed these three ports but i am not able to connect.

1.1.1.1 is for my outside interface named Outside-Fiberlink

2.2.2.2 is the IP which is the Peer IP address for my site-to-site vpn configured in firewall.

in windows logs i am not getting any error when i am connecting the L2TP vpn

i dont see any 5.5.5.5 and 7.7.7.7 IP's in my config file, let me share you the config file again.