01-14-2006 11:38 AM
Hi,
i am facing a strange problem with vpn 3020.
site -to-site tunnel is configured between 3020 to 3015 and users from 3020 is trying access the remote end citrix server.
after a 1hr or 2hrs connection suddenly dropped and user from 3020 end could not able to connect to the remote end (3015) citrix server.
during this i can able to ping the citrix server from the vpn box and user machines.But after a reboot of 3020 everything works fine for 1 hr,again the problem comes.
i have tried to upgraded new image and new box ,but still the problem persist.
when i introduced ipsec router instead of vpn 3020 it works fine without any problem.
request your valuable comments on this...
S.H
01-19-2006 12:38 PM
At 85% of the rekey interval, the software client prompts the user to reauthenticate. If the user does not respond within approximately 90 seconds, the VPN Concentrator drops the connection.
If you have enabled the Reauthentication on Rekey feature, the VPN Concentrator prompts users to enter an ID and password during Phase 1 IKE negotiations and also prompts for user authentication whenever a rekey occurs. Reauthentication provides additional security.
If the configured rekey interval is very short, users might find repeated authorization requests inconvenient. In this case, disable reauthentication. To check your VPN Concentrator's configured rekey interval, see the Lifetime Measurement, Data Lifetime, and Time Lifetime fields on the Configuration | System | Tunneling Protocols | IPSec | IKE Proposals | Add or Modify screen.
01-19-2006 09:25 PM
Hi,
Thanks for your response.
In my case the i need to reboot the my vpn 3020 to work it again.
and more over same config is replicated in the ipsec router which is not giving any problem.
Regards,
S.H
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide