
McAfee SaaS firewall causing IPSEC VPN disconnections

We have a large number of sites using Cisco ASA5505 firewalls with the IPSEC (IKEv1) client in a very standard setup (just the basic wizard-driven config, split tunneling and RADIUS enabled). These have always worked well and we never had any problems until the last few weeks. The problem appears to be that the clients just randomly disconnect after a number of minutes, and sometimes this could be up to an hour or more. On further investigation it would appear that if there is no traffic over the VPN then the connection drops, even though the idle timeout is set to 30 mins. The fix seems to require the disabling of the McAfee SaaS Firewall service.

We are taking the assumption that the firewall is blocking keep-alive traffic or dead peer detection of some kind, and therefore the client or firewall is assuming disconnection after a short period of no actual traffic (pinging the host network will keep the connection alive).

Recently McAfee updated the SaaS client to version 6, which includes v15 of the firewall service, and it seems to be related.

We are trying to get something out of McAfee to see what's changed, but I wonder if anyone else has experienced this and has found a policy workaround to prevent having to disable the firewall entirely.