Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2029
Views
0
Helpful
3
Replies

remote VPN, SSL VPN stop working on ASA

SYED WAJID SHAH
Level 1
Level 1

‎07-02-2010 06:11 PM

Hi,

Our ASA was working perfectly fine for remote VPN and SSL VPN but Not sure what happened it stop establishing remote VPN and SSL VPN sessions, we're working on ASA but now remote VPN, SSL VPN users can NOT logged in to the corporate network. I've checked every thing but I don't know what's missing. When I run show crypto isa sa command I get message no crypto isa, but when I compare the configs crypto is there. I've rebooted the ASA but no luck. User are able to logged in via secondary ASA.

1. Remote vpn try to initiate connection to c2.twu.com

2. gateway ask for user name / password

3. after password no response and message shows on vpn client status bar establishing session ......................

4. show crypto doesn't shows any active/inactive session info

similar things are happening when I try to initiate a session via SSL VPN, it comes to authentication page, once I enter the login credential but does nothing.

ASA Ver 8.0.3

Please advice.

Regards,

Syed Wajid.

Labels:
0 Helpful
3 Replies 3

Jorge Salas
Cisco Employee
Cisco Employee

‎07-02-2010 08:00 PM

Hello,

Do you have a pool or do you use a DHCP to give an ip to the clients?

Can you  attach the output of the debugs?

IPSEC

debug crypto isakmp 150

debug crypto ipsec 150

SSL (I guess that you are talking about anyconnect)

debug webvpn svc 255

Do you see any error in the client side?

Can you attached the logs of the clients?

0 Helpful

SYED WAJID SHAH
Level 1
Level 1
In response to Jorge Salas

‎07-03-2010 07:56 AM

I haven't run debug yet, I;ll do it first thing monday morning. any idea why this is happening? we've not made any changes to ASA?

Any advice would really appreciated.

regards,

syed.

0 Helpful

Jason Gervia
Cisco Employee
Cisco Employee
In response to SYED WAJID SHAH

‎07-05-2010 06:53 AM

Syed,

8.0(3) is old code and there were many memory leaks in it.  The last 8.0(3) code was built over 2 years ago, and the first one was built in 2007.


You should consider either opening a tac case to address your specific issue, or if you don't want to do that, upgrading to a level of code that is more current and see if you still have the same issue.

--Jason

0 Helpful
Customers Also Viewed These Support Documents