03-05-2008 02:50 PM - edited 02-21-2020 03:36 PM
We have many site to site VPNs terminating into an ASA5520. The remote sites have PIX 501s. I've been hearing a lot of complaints about the telnet sessions dropping randomly or locking up. This usually coincides with Outlook saying it has lost connection to the Exchange server.
I've tried everything from setting the "sysopt connection tcpmss" to 1300 at all remote sites and the central site and increasing the "timeout conn" anywhere from 1 hour to 24 hours. None of this has helped.
My last guess is the fact that we've been maxing out our symmetrical 6mbps connection to the internet for at least 6 months now. Would the fact that its seeing pretty much 100% utilization cause these telnet sessions and/or VPN tunnels to drop?
Also, would setting the tcpmss size to 1300 cause more disconnections at all? Some guy at one of the sites is complaining that things got worse.
03-11-2008 02:42 PM
When the telnet users are kicked out, do you see the tunnel go down? Also, do you see any disconnection message either on the telnet client or on the server? I've seen several disconnection issues on telnet, ssh, ftp.... sessions over vpn and most of the
time they are because timeouts.
03-20-2008 11:13 AM
I think the entire tunnel may be dropping because they're also saying that Outlook loses connection as well. I've played with the timeout settings a ton.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide