Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1244
Views
0
Helpful
2
Replies

VPN Client connections gets dropped

johan.lorier
Level 1
Level 1

‎03-31-2011 01:03 AM

Hi,

I have some remote locations that connect to my ASA 5510 cluster (Aktive/Passive) using the Cisco VPN Client, from which the connection gets disconnected at random intervals (could be 5 minutes, but sometimes after 15 minutes).

However, some other remote locations do not have this problem. All locations have the same VPN client configuration (distrubited by pcf file).

I already disabled isakmp keepalive on the ASA but this did not help.

If I read it correctly, the Cisco vpn client logging shows that the ASA initiates the ending of the connection.

Does anyone know how to solve this? My customers are getting a bit desperate by this problem....

847    09:13:12.015  03/31/11  Sev=Info/4 IKE/0x63000014

RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from <ASA external IP>

848    09:13:12.015  03/31/11  Sev=Info/5 IKE/0x63000040

Received DPD ACK from <ASA external IP>, seq# received = 2407369668, seq# expected = 2407369668

849    09:13:15.453  03/31/11  Sev=Info/5 IKE/0x6300002F

Received ISAKMP packet: peer = <ASA external IP>

850    09:13:15.453  03/31/11  Sev=Info/4 IKE/0x63000014

RECEIVING <<< ISAKMP OAK INFO *(HASH, DEL) from <ASA external IP>

851    09:13:15.453  03/31/11  Sev=Info/5 IKE/0x63000018

Deleting IPsec SA: (OUTBOUND SPI = 777EE593 INBOUND SPI = 4981296D)

852    09:13:15.453  03/31/11  Sev=Info/4 IKE/0x63000049

Discarding IPsec SA negotiation, MsgID=16F2FFA9

853    09:13:15.453  03/31/11  Sev=Info/5 IKE/0x6300002F

Received ISAKMP packet: peer = <ASA external IP>

854    09:13:15.453  03/31/11  Sev=Info/4 IKE/0x63000014

RECEIVING <<< ISAKMP OAK INFO *(HASH, DEL) from <ASA external IP>

855    09:13:15.453  03/31/11  Sev=Info/5 IKE/0x6300003C

Received a DELETE payload for IKE SA with Cookies:  I_Cookie=B0E96D7EEC290AE5 R_Cookie=84231BD425460877

856    09:13:15.453  03/31/11  Sev=Info/4 IKE/0x63000017

Marking IKE SA for deletion  (I_Cookie=B0E96D7EEC290AE5 R_Cookie=84231BD425460877) reason = PEER_DELETE-IKE_DELETE_UNSPECIFIED

857    09:13:15.500  03/31/11  Sev=Info/4 IPSEC/0x63700013

Delete internal key with SPI=0x6d298149

858    09:13:15.500  03/31/11  Sev=Info/4 IPSEC/0x6370000C

Key deleted by SPI 0x6d298149

859    09:13:15.500  03/31/11  Sev=Info/4 IPSEC/0x63700013

Delete internal key with SPI=0x93e57e77

Labels:
0 Helpful
2 Replies 2

andrew.prince
Level 10
Level 10

‎03-31-2011 01:54 AM

I have had this issue before - and it turned out that the remote users provider (they were all using the same one) had BGP issues with the Internet IP Range the VPN was on.

Check your providers.

HTH>

0 Helpful

johan.lorier
Level 1
Level 1
In response to andrew.prince

‎03-31-2011 02:15 AM

Hi,

I have som additional information:

- The ASA's are a replacement for 2 515 PIXes. On the pixes, all connections were stable.

- ASA was upgraded from 8.3.1 to 8.3.2(13), this did not improve stability

Internet providers of the remote locations are being checked now.

0 Helpful
Customers Also Viewed These Support Documents