cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3488
Views
5
Helpful
3
Replies

ASA - IPSEC tunnel on Android comes up, L2TP doesn't - why ?

jan.klicka
Level 1
Level 1

Hello

we have ASA 5520 running 8.2(3) software and we're trying to make Remote Access VPN (l2tp/ipsec) working from Android. We succeeded in making  IPSEC tunnel (ending "Phase 2 completed"), but we cannot make L2TP tunnel working.

We're using RADIUS for L2TP authentication, but ASA doesn't even try to check credentials entered by use. The same set of credentials entered on Windows {XP, VISTA, 7, Mobile} works ok.

Do you have an idea what should we look at? Which debugging options should we turned on?

Thanks

Jan Klicka, SITMP

3 Replies 3

Jennifer Halim
Cisco Employee
Cisco Employee

L2TP over IPSec connection from Android to ASA firewall is not supported.

Please kindly find the supported list of client for L2TP over IPSec when the headend is ASA:

http://www.cisco.com/en/US/docs/security/asa/compatibility/asa-vpn-compatibility.html#wp147104

Hello,

although Android doesn't belong to the group of supported L2TP/IPSEC VPN clients, I made it working - I followed instructions mentioned in this URL:

https://supportforums.cisco.com/thread/2012285

Key factor (at least in my case) was upgrade to 8.3(2)12

Jan Klicka, SITMP

you have to upgrade to 8.4(1). Then it works.

My ASA sucessfully authenticates Androids with RADIUS.

But: If you use freeradius, it only seems to work with cleartext passwords! No Idea about other RADIUS servers.

regads

Patrik