Hi, I just configured L2TP-over-IPSec on a ASA5505 as described in the Cisco Configuration Guideline.
When I try to connect from a Windowsmachine nothing happens. So I captued udp1701 packets at the outside interface to see if these packets arrive at the outside interface at all. In the capture I can see the packets arriving as I thought they should. But the ASA doesn't seems to be to interested in this packets because there is nothing happening at all.
I tried any debug-command I could find in the cli-guide to check if there's anything what might help me to debug but it's as though the packets doesnt reach the ASA - but still I can see them arriving at the outside interface.
On the ASA there also several l2l and vpnclients configured (static crypto maps and one dynamic for the vpnclients) which work perfectly well - perhaps there's something preventing the ASA from processing these l2tp-packets? (Ethereal confirms that these packets are valid l2tp on udp1701 when i fetch the capture file from the ASA)
Hope, anyone can give me a hint why the ASA doesn't like to process the l2tp-packets, or either a hint how i can get some debug information but without it I'm obviously not able to debug anything. That doesn't mean that I didn't checked the config twice, three, four, fivetimes so far.
Regards, Heiko