01-27-2009 05:43 PM - edited 02-21-2020 04:08 PM
We recently replaced our PIX515e with an ASA5510. It is running 8.0.4 code. After we installed the ASA our IPSec remote access VPN connections have been dropping off after approximately 2 - 3 minutes (whether there is activity or not). Below is what I captured from the IPSec VPN client:
Cisco Systems VPN Client Version 5.0.05.0280
Copyright (C) 1998-2009 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Windows, WinNT
Running on: 6.0.6001 Service Pack 1
Config file directory: C:\Program Files\Cisco Systems\VPN Client\
1 20:31:40.170 01/27/09 Sev=Warning/2 CVPND/0xA3400015
Error with call to IpHlpApi.DLL: CheckUpVASettings: Found IPADDR entry addr=192.168.167.10, error 0
2 20:31:41.184 01/27/09 Sev=Warning/2 CVPND/0xA3400015
Error with call to IpHlpApi.DLL: CleanUpVASettings: Was able to delete all VA settings after all, error 0
The client was running Vista 32-bit SP1 as the underlying OS. I have verified all vpn-idle-timeout and isakmp timeout settings as well verified that there is no packet loss when this occurs. We have never encountered this issue until we made the switch to the ASA. Is this a known issue? Is there a bug ID associated to it?
Any info would be appreciated.
Joe
02-02-2009 09:03 AM
follow the bug CSCeg58999 - CTCP: IPSec/TCP tunnel disconnects as DPDs are not properly...
02-03-2009 01:06 AM
I was getting similar error messgaes. Happened to check my route table in vista machine when nothing else worked. Default route should be the gateway assigned to host machine. it worked after changing the default routes which vista was taking.
02-03-2009 05:41 AM
I checked the Vista client and unfortunately it did not resolve the issue. Just as an FYI the exact same issue is occuring from XP clients as well.
Unfortunately I cannot view the details of the previous post - the bug ID is "Cisco Eyes Only".
05-05-2009 01:25 PM
Hi,
I was wondering if you resolved your issue with your vpn dropping?
Craig
05-05-2009 02:37 PM
Yes...it turned out that the issue was being caused by our Cisco ACS server. We had to perform a software upgrade.
Joe
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: