https://community.cisco.com/t5/network-security/pix-515-strange-case/m-p/596878#M527333 <P>Hi All,</P><P></P><P>Have one pix 515E and is having a wried problem in it. We have a machine which connects through this pix to establish a VPN tunnel using a VPN Client S/W to a another company VPN Concentrator, The problem comes after 8 hours of consistent connectivity that the vpn client S/W drops the connection and we have to reconnect it, according to this company there VPN concentrator renews the IP address lease after 8 hours and most probably our PIX drops the connection and VPN tunnel disconnects. the difficult part in all this is that i installed the syslog and tried to find any abnormal behaviour for this problem, but nothing which would relate or help me to diagnous this problem.</P><P></P><P>our senario is like this:</P><P></P><P>we have one leased line from the ISP which is terminated on the PIX.</P><P></P><P>we have group of IPs alloted by ISP to use</P><P></P><P>we have a static translation between this VPN machine IP to one outside IP.</P><P></P><P>we have access-lists allowing specific ports and protocols for this VPN client machine for both interfaces</P><P></P><P>we have isakmp nat-traversal enable on the PIX</P><P></P><P>the timeout values are as following. (default)</P><P></P><P>timeout xlate 3:00:00</P><P>timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00</P><P>timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00</P><P>timeout uauth 0:05:00 absolute</P><P></P><P>one important thing, if i connect the VPN tunnels without bringing the PIX in between connection, it does not disconnects and that is the reason i know it's the pix which is at some point making all the problem.. and yes there is no autodisconnection feature of this VPN client S/W</P> Fri, 21 Feb 2020 08:43:20 GMT silverfoxx 2020-02-21T08:43:20Z https://community.cisco.com/t5/network-security/pix-515-strange-case/m-p/596878#M527333 <P>Hi All,</P><P></P><P>Have one pix 515E and is having a wried problem in it. We have a machine which connects through this pix to establish a VPN tunnel using a VPN Client S/W to a another company VPN Concentrator, The problem comes after 8 hours of consistent connectivity that the vpn client S/W drops the connection and we have to reconnect it, according to this company there VPN concentrator renews the IP address lease after 8 hours and most probably our PIX drops the connection and VPN tunnel disconnects. the difficult part in all this is that i installed the syslog and tried to find any abnormal behaviour for this problem, but nothing which would relate or help me to diagnous this problem.</P><P></P><P>our senario is like this:</P><P></P><P>we have one leased line from the ISP which is terminated on the PIX.</P><P></P><P>we have group of IPs alloted by ISP to use</P><P></P><P>we have a static translation between this VPN machine IP to one outside IP.</P><P></P><P>we have access-lists allowing specific ports and protocols for this VPN client machine for both interfaces</P><P></P><P>we have isakmp nat-traversal enable on the PIX</P><P></P><P>the timeout values are as following. (default)</P><P></P><P>timeout xlate 3:00:00</P><P>timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00</P><P>timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00</P><P>timeout uauth 0:05:00 absolute</P><P></P><P>one important thing, if i connect the VPN tunnels without bringing the PIX in between connection, it does not disconnects and that is the reason i know it's the pix which is at some point making all the problem.. and yes there is no autodisconnection feature of this VPN client S/W</P> Fri, 21 Feb 2020 08:43:20 GMT https://community.cisco.com/t5/network-security/pix-515-strange-case/m-p/596878#M527333 silverfoxx 2020-02-21T08:43:20Z https://community.cisco.com/t5/network-security/pix-515-strange-case/m-p/596879#M527334 <HTML><HEAD></HEAD><BODY><P>just want to thank you to everyone, just wanted to share that the problem is diagnosed and it has nothing to do with PIX or it's configuration, it is related to windows 2000 operating system. if anyone ever come across this issue kindly follow the link below.</P><P></P><P><A class="jive-link-custom" href="http://support.microsoft.com/default.aspx?scid=kb;en-us;818043" target="_blank">http://support.microsoft.com/default.aspx?scid=kb;en-us;818043</A></P></BODY></HTML> Thu, 23 Feb 2006 09:40:43 GMT https://community.cisco.com/t5/network-security/pix-515-strange-case/m-p/596879#M527334 silverfoxx 2006-02-23T09:40:43Z