Solved: IPSec VPN auto-timeout after 60 Minutes

memon.yasir · ‎09-08-2012

Dear All,

I am facing an issue. When my clients are connecting to IPSec remote VPN after an hour it automatically disconnects the connection. User need to re-authenticate. I also changed the timers of IPSec SA and ISAKMP timer, but still same problem persist.

As per my findings my user authentication is getting from Cisco ACS/Radius server, which is running on default parameters and this policy is enforced by Cisco ACS. i there any suggestion how can i set the timer and rectify this issue.

Any suggestion ???

Waiting for your Responce.

Regards

Yasir

Tarik Admani · ‎09-08-2012

Yasir,

Which version of ACS are you running, and most likely the "session-timeout" attribute is probably being sent, you can either extend thsi attribute or remove it from the authorization condition.

Let me know what version of ACS you are running and I can walk you through it...

Thanks,

Tarik Admani
*Please rate helpful posts*

View solution in original post

Tarik Admani · ‎09-08-2012

Yasir,

Which version of ACS are you running, and most likely the "session-timeout" attribute is probably being sent, you can either extend thsi attribute or remove it from the authorization condition.

Let me know what version of ACS you are running and I can walk you through it...

Thanks,

Tarik Admani
*Please rate helpful posts*

memon.yasir · ‎09-08-2012

Dear Tarik,

ACS version is Version 5.2.0.26 .

Regards

Yasir

Tarik Admani · ‎09-09-2012

When you login to acs please go to your access policies and take a look at your vpn policy. In the authorization section please see which authorization profile is mapped to the vpn user. Then go to the policy elements which is above this section and then check the authorization profile and check the settings for the radius attributes for the profile mapped to your vpn policy.

Let me know if this helps