Buy or Renew
Buy or Renew
Notice: The file download function is disabled. We apologize for the inconvenience.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1943
Views
5
Helpful
5
Replies

VPN Client Connection Terminated

Go to solution
admin_2
Level 3
Level 3

‎03-19-2004 01:14 PM - edited ‎02-21-2020 01:05 PM

I am new to the Cisco PIX and I am having an issue with connections dropping. We are using a 515e on 6.2 and my laptops are using VPN Client 4.0 and Radius thru IAS on W2K3 Server. At about 30 minutes a window pops up indicating "Secure VPN Connection Terminated by Peer. Reason:(Reason not Specified by Peer)". I have combed thru the configuration settings and parameters of the Cisco and my connection on the Radius server and am unable to find anything to help. Any help would be appreciated.

Thanks,

Warren

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
mlinsemier
Level 1
Level 1
In response to

‎03-22-2004 09:34 AM

On the PIX515 if you do a "show vpngroup" what is the "max-time" setting configured for? If it is not configured you may want to do a vpngroup max-time for the clients in the group. You can aslo adjust the max-idle here as well. While troubleshooting, maybe set both to 3600 seconds (1 hour) to see if you get disconnected. Then adjust your idle-time down (you can set it to 0 if you never want clients to idel time out) and see what happens.

Matt

View solution in original post

5 Replies 5

Go to solution
mlinsemier
Level 1
Level 1

‎03-19-2004 01:27 PM

It sounds like IETF RADIUS Attribute [027] Session-Timeout is set to 30 minutes, which disconnects every session after 30 minutes regardless if they are idle or not. I don't have IAS, but on Cisco ACS 3.2, this is where you would setup the maximum time you would want a client connected.

Matt

0 Helpful

Go to solution
Not applicable
In response to mlinsemier

‎03-22-2004 09:13 AM

I have checked all settings on Cisco and in IAS connection and I find no reference to a maximum time limit or 30 minutes. Is there a command line function I can do to look this up?

Warren

0 Helpful

Go to solution
mlinsemier
Level 1
Level 1
In response to

‎03-22-2004 09:34 AM

On the PIX515 if you do a "show vpngroup" what is the "max-time" setting configured for? If it is not configured you may want to do a vpngroup max-time for the clients in the group. You can aslo adjust the max-idle here as well. While troubleshooting, maybe set both to 3600 seconds (1 hour) to see if you get disconnected. Then adjust your idle-time down (you can set it to 0 if you never want clients to idel time out) and see what happens.

Matt

Go to solution
Not applicable
In response to mlinsemier

‎03-22-2004 10:09 AM

Thanks for the help on the command. The result was a "max-time" of 1800 (30 Minutes). I have bumped it to 3600 and am now testing.

Warren

0 Helpful

Go to solution
Not applicable
In response to mlinsemier

‎03-22-2004 12:50 PM

I completed my testing and that solved the problem. Thanks for your help.

Warren

0 Helpful
Customers Also Viewed These Support Documents