cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Cisco Community Designated VIP Class of 2020

253
Views
0
Helpful
1
Replies
Highlighted

TLS ReconnectTimer problem

Hi,

There seems to be a problem related to the ReconnectTimer. For a 2911 router (see below for version) we have experienced TLS disconnect problems. When trying to isolate and maybe to circumvent the problem, we have activated the reconnect timer functionality as suggested.

We are now experiencing a problem where a TLS session remains stuck in the Authenticated state:

R1#show onep session all

ID         Username State            ReconnectTimer ConnectTime                 ApplicationName

7250       cisco    Authenticated    60             Wed Aug 27 22:05:51.608     test.app

R1#

The onep application itself is terminated (and hence the TCP connection to the router is also terminated), but on the router side the session is not timed out and cleaned up, as expected.

The reconnect functionality has now made the situation more difficult:

  • the router keeps the state associated with the session
  • the onep application can not be restarted with the same name
  • changing the application name allows a new connection to be established, but dpss functionality is blocked due to the state kept by the router for the stuck session

It seems like the ReconnectTimer is stuck, as the state has not transitioned to the Connected state. Might that be the case?

Best regards

Viktor

Everyone's tags (1)
1 REPLY 1

Re: TLS ReconnectTimer problem

Version:

R1#show version

Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.4(2)T, RELEASE SOFTWARE (fc1)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2014 by Cisco Systems, Inc.

Compiled Wed 26-Mar-14 14:14 by prod_rel_team

<cut>

R1#show onep status

Status: enabled by: Config

Version: 1.2.0

Transport: tls; Status: running; Port: 15002; localcert: TP-self-signed-2336861257; client cert validation disabled

Certificate Fingerprint SHA1: 735DD3F7 45B61A68 D49E30B3 ACC8B17A 207620C3

Transport: tipc; Status: disabled

Session Max Limit: 10

CPU Interval: 0 seconds

CPU Falling Threshold: 0%

CPU Rising Threshold: 0%

History Buffer: Enabled

History Buffer Purge: Oldest

History Buffer Size: 32768 bytes

History Syslog: Disabled

History Archived Session: 5

History Max Archive: 16

Trace buffer debugging level is info

Service Set: Base              State: Enabled    Version 1.2.0

Service Set: Vty                State: Disabled    Version 0.1.0

Service Set: Mediatrace        State: Disabled    Version 1.0.0

R1#

Best regards

Viktor

Content for Community-Ad
FusionCharts will render here