user lose session with server while the VPN still established and not disconnected

Ibrahim Jamil · ‎07-08-2012

Hi Experts

i have user connected to office using cisco vpn client , cisco asa 5520 acts as vpn gateway, frequently the users got disconnected from the server while the VPN still established and not disconnected!

what is the cause of the issue , where the fault is located ? how to start the troubleshooting to figure out the issue

thanks

jasmil

Julio Carvajal · ‎07-13-2012

Hello Ibrahim,

Run captures on the ASA Inside interface

capture capin interface inside trace match tcp/udp host x.x.x.x(Remote_client_local_pool_ip) host y.y.y.y ( internal host_ip) eq (tcp or udp port)

then create an ASP capture ( will show all the packets being dropped by the Accelerated Security Path {Algorithm used by the ASA}) With this we will be able to determine if the ASA is dropping the packets.

capture asp type asp-drop all circular-buffer

Then install wireskark on the server an run a capture while the VPN user connects, create a filter for the remotevpn ip address and check what happens ( witch messages you see ) when the user experiments the issue.

You can provide the

-Show cap capin

-Show cap asp | include x.x.x.x (Remote_client_local_pool_ip)

-The wireshark capture

''All of this after a connection was made and the issue was seeing)

Regards,

CSC it's a free support community take your time to rate all the engineer's responses that help you resolving your problems.

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC