I am trying to establish L2TP/IPSec VPN using ASA 8.4(2) and Windows 7 (64-bit) but getting error 720 while trying to connect from windows 7 pc.
Kindly find the attached configuration and error snap shot.
1. ASAs configuration looks correct, but I don't understand why you use a DHCP server if you indicate VPN pool.
tunnel-group DefaultRAGroup general-attributes
2. Verify that the addresses of VPN pool don't overlap with the local address of your computer.
3. Maybe the cause is in the Windows 7. Check it out.
Rebuild the TCP/IP stack by opening an command prompt and entering the following command:
netsh int ip reset >> ResetIP.log
Next restart the computer and try again establish L2TP connectin.
Yes dhcp was unnecessary and there is no overlap between VPN pool and local network.
I tried point # 3 as well but no luck , same error is appearing.
Usually debugging is used in these kind of situations.
debug crypto ikev1
debug crypto ipsec
and see what's happenning when you're trying to establish connection.
Plus, though it's not critical, I wouldn't rely on the default tunnel-group/group-policy configurations. It's allwas better to create some new, and tune them.
In the debug provided, username test is used for connection.
The only username that may be used, having what's in your running config, is l2tp:
username l2tp password 31XddrF4FUa04JqfYDr2Jw== nt-encrypted
So, check again what username/password is used for the connection, and change it to l2tp/password-for-l2tp-user