Re: Loss of Management and new sessions on VPN3030

salmodov · ‎08-28-2007

Our primary corporate VPN conentrator is refusing new session authentication as well management access, but continues to serve existing sessions.

That is what we found, as well. Additionally, the box stopped accepting

remote access for management. Only local console access was functional.

Nothing had changed in the network other than an increase in user load for

RSA authentication. The VPN3030 chassis was rebooted last night and the

problem resolved upon reboot. That implies a problem with the cisco box.

Are there any known problems with VPN3030 and any of the following:

* increased user load (only 12.8% capacity reported by the device at the

time of the trouble)?

* specific issue with RSA authentication servers?

purohit_810 · ‎08-28-2007

Can you check Memory of VPN concetrator???

Also do one thing choose option

In interface configuration ---> click on Outside interface ---> Use Fragement Prior to IPsec encapsulation without path MTU Discovery (Clear DF bit).

(Do same for Inside also)

Also change MTU size instead of 1500 to 1200.

and observe the result.

Regards,

Dharmesh Purohit

salmodov · ‎08-28-2007

What exaclty will this do and what does it have to do with loosing the management intface as well? The active sessions are still there now you know. Any help would be great

In interface configuration ---> click on Outside interface ---> Use Fragement Prior to IPsec encapsulation without path MTU Discovery (Clear DF bit).

(Do same for Inside also)

Also change MTU size instead of 1500 to 1200.