vpn client always disconnected

tonny_ecmyy · ‎12-27-2004

Hi there..just want to ask

I use vpn client to get connected to pix firewall but the problem is the vpn client always disconnected. What could be the problem, due to the internet connection?is this normal?we're using broadband connection.

vpngroup **** address-pool mypool

vpngroup **** split-tunnel 100

vpngroup **** idle-time 5400

isakmp enable outside

isakmp identity address

isakmp nat-traversal 20

isakmp policy 10 authentication pre-share

isakmp policy 10 encryption 3des

isakmp policy 10 hash md5

isakmp policy 10 group 2

isakmp policy 10 lifetime 86400

Just need a simple answer,

Thanks,

Tonny

admukada · ‎12-28-2004

Hi Tonny,

As per the issue,VPN client connecting to the PIX disconnects.

There can be several issues.

1> We have set the idle timeout to 5400 sec.If we dont have any traffic the tunnel would drop.Is it the case?

2> Also on the VPN client on the transport tab for the connection entry you would have peer response time out.We can try increasing the time.

3> We can try to configure force kep alives on the VPN client.This can be one by eiting the PCF file.For that programsfiles>ciscosystems client> Profiles.Open up the PCF file.you would find the keep alive ,have that to be saved as 1.

Check if the above helps.

This issue yes can be with the ISP end as well.But I personally belive the chances are less.It can efinatly depend on the type of connection.

Let me know if any issue.

Adi

aditya.mukadam@gmail.com

tonny_ecmyy · ‎12-28-2004

Hi,

thanks for quick reply.

I've added KeepAlive=1 in pcf. is this correct?

I'll let you know the result later.

Thanks