
Create Ipsec VPN using ASDM, but cannot check VPN status

john
Level 1

Hi all,

I have followed this link below:

http://www.cisco.com/c/en/us/support/docs/ip/layer-two-tunnel-protocol-l2tp/200340-Configure-L2TP-Over-IPsec-Between-Window.html

After I completed the wizard and checked using the CLI, I cannot see the VPN I have created.

I have attached pictures.

Please share your ideas.

Regards,

John

6 Replies

Rahul Govindan
VIP Alumni

I am not clear on the problem. Are you not able to connect to the VPN or not see the configuration? "show run crypto" should show you the configuration.

Dear Rahul,

I am not able to connect to the VPN, following the link below:

http://www.cisco.com/c/en/us/support/docs/ip/layer-two-tunnel-protocol-l2tp/200340-Configure-L2TP-Over-IPsec-Between-Window.html

Can you advise?

Regards,

John

When you attempt to connect from the PC, what do you see there?

Can you check the ASA show command during the connection attempt?

If it simply times out and you see no SAs in progress (MM WAIT), can you confirm the traffic is reaching the ASA?

Hi Marvin,

Can you advise? I have attached the photos on this post. The first picture is the error on the PC side, and the show commands for SA are blank in the 2nd photo.

The two attachments are both from the ASA - one from the ASDM wizard and one from the CLI.

We need to see the status while the PC attempts to connect. Best would be to do a packet capture on the ASA, filtering on the PC's IP address that is presented to the ASA (probably its public IP - i.e. what is shown from whatismyip.com - unless you are in a strictly internal test environment).

Dear Marvin,

Thank you for your inputs. Apparently, I have tested the configuration using Windows 7 and it worked fine. However, testing on the Windows 10 PC fails. Any idea why?

FW# sh crypto isakmp sa

IKEv1 SAs:

   Active SA: 1
    Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA during rekey)
Total IKE SA: 1

1   IKE Peer: 6x.XXX.x.6
    Type    : user            Role    : responder
    Rekey   : no              State   : MM_ACTIVE

FW# sh crypto ipsec sa
interface: WAN
    Crypto map tag: SYSTEM_DEFAULT_CRYPTO_MAP, seq num: 65535, local addr: XXX.XXX.XX.XXX

      local ident (addr/mask/prot/port): (Xxx.XX.XXX.x11/255.255.255.255/17/1701)
      remote ident (addr/mask/prot/port): (XXX.XX.XXX.x/255.255.255.255/17/0)
      current_peer: XX.X.XXX.XX, username: vpn
      dynamic allocated peer ip: 172.16.17.200
      dynamic allocated peer ip(ipv6): 0.0.0.0
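
The triage used in this thread (blank SA output means first confirm the client's traffic reaches the ASA; an SA that is not yet `MM_ACTIVE` means phase 1 is still negotiating; `MM_ACTIVE` means move on to `sh crypto ipsec sa`) can be scripted against saved `sh crypto isakmp sa` output. This is an added example, not part of any poster's reply; the function names, the verdict labels and the sample text (including the `MM_WAIT_MSG3` state and the placeholder peer address) are constructed for illustration.

```python
import re

# Constructed sample in the format of the 'sh crypto isakmp sa' output above;
# the peer address is a documentation placeholder.
SAMPLE_ACTIVE = """\
IKEv1 SAs:

   Active SA: 1
    Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA during rekey)
Total IKE SA: 1

1   IKE Peer: 198.51.100.6
    Type    : user            Role    : responder
    Rekey   : no              State   : MM_ACTIVE
"""
SAMPLE_STUCK = SAMPLE_ACTIVE.replace("MM_ACTIVE", "MM_WAIT_MSG3")  # constructed
SAMPLE_EMPTY = ""  # constructed: blank output, as in the earlier screenshot

PEER_RE = re.compile(r"^\d+\s+IKE Peer:\s*(\S+)", re.M)
FIELD_RE = re.compile(r"(\w+)\s*:\s*(\S+)")

def parse_isakmp_sa(text):
    """Return one dict per peer block: peer, type, role, rekey, state."""
    sas = []
    peers = list(PEER_RE.finditer(text))
    for i, m in enumerate(peers):
        end = peers[i + 1].start() if i + 1 < len(peers) else len(text)
        fields = {k.lower(): v for k, v in FIELD_RE.findall(text[m.end():end])}
        sas.append({"peer": m.group(1), **fields})
    return sas

def triage(text):
    """Hypothetical helper: label each SA with the next thing to check."""
    sas = parse_isakmp_sa(text)
    if not sas:
        # No SA at all: first confirm the client's packets reach the ASA.
        return [(None, "no-sa", "")]
    result = []
    for sa in sas:
        state = sa.get("state", "")
        # *_ACTIVE means phase 1 finished; anything else is still negotiating.
        verdict = "phase1-up" if state.endswith("_ACTIVE") else "phase1-incomplete"
        result.append((sa["peer"], verdict, state))
    return result

if __name__ == "__main__":
    for name in ("SAMPLE_ACTIVE", "SAMPLE_STUCK", "SAMPLE_EMPTY"):
        print(name, triage(globals()[name]))
```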