Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1023
Views
10
Helpful
7
Replies

Process of reconnecting for a VPN user

Go to solution
kostasthedelegate
Level 4
Level 4

‎05-19-2020 06:35 AM

Hello 

 

I have two ASA that are used for VPN 

There is load balancing. 

 

I would like to know when a client disconnects if he will reconnect automatically. 

 

Thanks and regards, 

Konstantinos

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions
7 Replies 7

Go to solution
Rob Ingram
VIP
VIP

‎05-19-2020 06:54 AM

Hi,
If the user clicks the disconnect button, then the session is terminated and will not automatically reconnect, they will need to re-authenticate. If the users' session is interrupted then yes the client will automatically attempt to reconnect.

HTH
0 Helpful

Go to solution
kostasthedelegate
Level 4
Level 4
In response to Rob Ingram

‎05-19-2020 06:58 AM

Hello,

Yes, I did not specify!!
I was thinking that the client disconnects not on his own, but due to another fact i.e. the asa is down.

0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to kostasthedelegate

‎05-19-2020 07:14 AM

If you are using an ASA VPN Load Balancer then the user sessions are not synced between the devices in the virtual cluster. So if the ASA you are connected to fails then the users would need to reconnect to the virtual cluster and re-authenticate.

If you have an Active/Standby HA pair then the session will failover to the other ASA and the user will not require to re-authenticate.
0 Helpful

Go to solution
kostasthedelegate
Level 4
Level 4
In response to Rob Ingram

‎05-19-2020 07:21 AM

I am in the first case.
Right the sessions are not synced between the ASA.
So if the first ASA of the cluster (higher priority) is down then we will not have any connection.
In the case that the second ASA is down we will have connection to the first ASA of the cluster.
Right?
0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to kostasthedelegate

‎05-19-2020 07:29 AM

When a client connects, the master determines the load across the VPN cluster and redirects the client connection to the least loaded ASA, distributing the user load across all of the ASAs in the virtual cluster. If the master fails, then another ASA will take up the master role, so you should always be able to authenticate.



Go to solution
kostasthedelegate
Level 4
Level 4
In response to Rob Ingram

‎05-19-2020 07:35 AM

Ok that's great.
Is there a document I could consult on these?
0 Helpful
Customers Also Viewed These Support Documents