Hung Remote Access Connections
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-09-2013 09:51 AM - edited 02-21-2020 06:36 PM
Hi all,
A lot of times our users will have a bad connection from where they are connecting in from. Their Internet connection will drop and the VPN Client disconnects but on our Cisco ASA5520, the connection will still be connected and when their Internet connections comes back, they are not able to connect as the session is still up on the 5520. Is there a way to make the connection clear quicker? I have IKE Keepalives on the RA Profile (Confidence 300 seconds, Retry Interval 2 seconds) but it seems to keep the session longer than that. Is there anything I can do to make the connection clear quicker?
Thanks
Victor
- Labels:
-
Remote Access
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-09-2013 09:58 AM
Hi,
I haven't tried this myself but you could have a try at setting the "vpn-idle-timeout
- Jouni
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-09-2013 11:19 AM
If you've applied that DPD parameters to correct group-policy/users connections will time out correspondingly. For your environment i think that it worth to shorten DPD settings to threshold 10 and retry 2 (as min as possible) due to flapping internet connections on client sites. Plus, as said in previos post, u can set vpn-idle-timeout to some minutes, but it's not technically related to your problem.
