Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2584
Views
0
Helpful
1
Replies

How Anyconnect DPD works?

andre.frost
Level 1
Level 1

‎04-21-2011 06:45 AM - edited ‎02-21-2020 05:17 PM

Hi,

I have the problem Anyconnect 3.0.1 connects to ASA 8.4. After short provider outage the session is broken and not reconnects. A new connection fails because user get their IP address from AAA server, static and this is still in use at the ASA. Show session-db shows the session until it times out after 5 mins idle.Client and Gateway DPD-Intervalls are configured to 30s. Why client cannot reconnect or ASA session is not deleted if DPD should see the session problems?

Thank you

Labels:
0 Helpful
1 Reply 1

Marcin Latosiewicz
Cisco Employee
Cisco Employee

‎04-21-2011 02:02 PM

Hi Andre,

Funny you should ask I saw very similar sessions (for which we're waiting for logs) on ASA 8.2.3 and anyconnect 2.5.

Typically you need to send 4 DPD packets to assume session dead... which should make sure 2 minutes ... not 5.

Would you be willing to run debug on the ASA to check the the DPDs are kicking in at all and at what interval?

Marcin

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents