L2TP win7 / win8 to cisco ASA 5505

Hi all,

I am trying to get a windows vpn connection into cisco ASA 5505.

I was originally told it was not possible by our contractor who originally set it up (2/3 years ago), but lately I have had to sort a few bits out through the visual tool (adsm 5.2) and wanted to give it another go.

We currently have vpn setup and working using the cisco tool, but with 64bit I think we have a beta version that we have to use, which doesn't always put you inside the network as such, also as we used win vpn with previous router, I get top brass constantly asking when we can go back to that!!!

ideally I want a simple way to VPN using windows client and have seen that people have examples which I have tried to copy as closely as possible but with no success.

Has anyone achieved this and is there a basic setup I can follow (and not the one that involves references to a radius server as I have followed this to no avail)

I would hopefully be able to do this through the viaual ASDM tool as I am not connected via serial. It is also a functioning LIVE system so need to be carefull with any experiments!!

Our setup is as follows
ASA Version: 7.2(4)
ADSM Version: 5.2(4)
Firewall Mode: Routed
Total Flash: 128 MB
Device Type: ASA 5505
Context Mode: Single
Total Memory: 512 MB

Thank You

David Smith
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Have you tried following Pete Long's guide to setting up L2TP/IPsec on the ASA?


It's very good and explains the process very well.

Depending on your clients windows version, you can increase the security by changing the ISAKMP policies and Transport rules to match those supported by the lowest version of Windows you need to support. I would suggest Win 7 as a minimum to support AES256 & SHA.

A list of the supported encryption settings in each version of windows can be found at http://technet.microsoft.com/en-us/library/dd125380(v=ws.10).aspx.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
CEL_ITAuthor Commented:
Hi InteraX

I have had a quick look at the link and noticed the versions are newer than what I am running

Cisco ASA5505 version 8.4(3)and ASDM version 6.4(7).

Is there a simple way of updating the versions and keeping settings or will I have to start from scratch if I update?

Also I have not connected to the ASA direct, I tend to use ASDM. Would I need to get a direct connection via serial and run some other software to connect?

Thank you
IPsec/l2tp support was added a long time ago before 7.2. The process to configure should be broadly the same. ASDM should follow the same steps, but using a different interface.

To access the cli, you can use telnet (not reccomended), ssh or a console cable. PuTTY or TeraTerm are both free tools that can do serial, telnet, ssh & more.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.