Re: ASA - IPSEC tunnel on Android comes up, L2TP doesn't - why ?

jan.klicka · ‎01-26-2011

Hello

we have ASA 5520 running 8.2(3) software and we're trying to make Remote Access VPN (l2tp/ipsec) working from Android. We succeeded in making IPSEC tunnel (ending "Phase 2 completed"), but we cannot make L2TP tunnel working.

We're using RADIUS for L2TP authentication, but ASA doesn't even try to check credentials entered by use. The same set of credentials entered on Windows {XP, VISTA, 7, Mobile} works ok.

Do you have an idea what should we look at? Which debugging options should we turned on?

Thanks

Jan Klicka, SITMP

Jennifer Halim · ‎01-26-2011

L2TP over IPSec connection from Android to ASA firewall is not supported.

Please kindly find the supported list of client for L2TP over IPSec when the headend is ASA:

http://www.cisco.com/en/US/docs/security/asa/compatibility/asa-vpn-compatibility.html#wp147104

jan.klicka · ‎02-04-2011

Hello,

although Android doesn't belong to the group of supported L2TP/IPSEC VPN clients, I made it working - I followed instructions mentioned in this URL:

https://supportforums.cisco.com/thread/2012285

Key factor (at least in my case) was upgrade to 8.3(2)12

Jan Klicka, SITMP

patrik.spiess · ‎04-07-2011

you have to upgrade to 8.4(1). Then it works.

My ASA sucessfully authenticates Androids with RADIUS.

But: If you use freeradius, it only seems to work with cleartext passwords! No Idea about other RADIUS servers.

regads

Patrik