04-19-2011 11:57 PM
Dears
I am using site to site vpn with ASA 5550
and some users telnet to a unix macine on the the other end.
the problem appear if the session is ideal for 30s,
can any one help ??
Thanks,
04-20-2011 04:24 AM
I don't think it is anything to do with the site-to-site VPN itself.
You might want to look into TCP timeout on both the ASA and see if there is any idle timeout configured to be 30 seconds.
04-20-2011 04:38 AM
hi
all the TCP timeout is more then 30s .
the telnet session is working fine if i use citrix vpn.
but not with Cisco VPN
04-20-2011 05:14 AM
I assume that the VPN Client itself does not get disconnected when the telnet session disconnects? Are you still able to access
any other servers via the VPN Client connection? Can you ping the server when the telnet session disconnect? I assume that reconnecting back to the telnet session works fine after it gets disconnect?
One of a possible reason why it's working fine via Citrix gateway is because connection between Citrix to the server does not pass through the firewall.
With VPN Client access, the VPN is terminated on the firewall and the clear text packet still gets inspected on the firewall. Is there any other specific timeout that is configured under policy-map?
04-24-2011 09:23 AM
I found what cause the issue but i could not solve it.
the telnet session sent TCP-keep-alive ,apparently the firewall drop them
so the session closed.
any idea in how to resolve this problem
Thanks
03-09-2022 02:53 PM
Did anyone find a solution for this? I am having a similar problem.
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide