Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
227
Views
0
Helpful
1
Replies

Cisco VPN Client Dissconection error

uzair.infotech
Level 1
Level 1

‎03-01-2016 03:10 AM

Hi all,

I am using two Cisco 5520-X firewall in active and standby server. Both firewall is configured as Easy VPN server and using Cisco VPN client for RA users. I have only one public address 116.58.x.x configured on OUTSIDE interface. Whenever active firewall goes down and standyby takes up my VPN client goes down and i need to reconnect. Please advise so my VPN client remains up incase of failover.

Note: I also minimize the failover polltime i.e interval 200 msec and holddown 800 msec.

Regards,

Uzair Hussain

Labels:
0 Helpful
1 Reply 1

Aditya Ganjoo
Cisco Employee
Cisco Employee

‎03-01-2016 06:12 AM

Hi Uzair,

It should automatically connect back as soon as the ASA fails over to the standby.

You should connect the syslogs on the ASA whenever this happens.

I understand you want to also reduce times associated with failover during interface failure
on ASAs. This can be achieved by reducing the poll time and hold time for
interface using the commands mentioned here:

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/ha_ac
tive_standby.html#wp1116389

Specifically, the command you need to edit is the failover polltime
interface command. Please note that keeping the values really low can lead
to false failovers at times.

You can read more about the interface testing procedure here:
http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/ha_ov
erview.html#wp1079057

Regards,

Aditya

Please rate helpful posts.

0 Helpful
Customers Also Viewed These Support Documents