09-02-2009 11:22 AM
we have ASA 5520, and all our clients use login via VPN client with IPSEC. However, users are complaining they are getting disconnected intermittently. Is there any limit for users connecting via IPSEC? Any help towards resolving this issue will be much aprpeciated.
09-02-2009 06:53 PM
look into enabling isakmp keepalive under ra tunnel attributes see if that helps.
group-policy < ra_tunnel_group_name> attributes
isakmp keepalive threshold 15 retry 10
http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml#Solution4
Regards
09-03-2009 07:57 AM
Anand asks if there are limits on the number of IPSec VPNs and the answer is yes there are limits. The limit varies by platform and license. The output of show version should indicate what the limit is on that ASA.
There are several things that are more likely to cause the disconnects than the limit on IPSec VPNs. You should consider the possibility that the ASA is terminating sessions because of an inactivity timeout, or terminating because of a session time limit, or terminating because there was some (fairly short) interuption of traffic going through the Internet.
HTH
Rick
09-04-2009 10:42 AM
Thanks for your response. I checked the configuration and these options are already in there, so far from last two days I have not heard any disconnect issues,however some remote tech support users who do VPN to access servers via VNC claim it is really slow and takes long time. Is there anything to check in ASA or any other ideas. Please reply.
10-07-2009 03:45 PM
Still the vpn connection is getting disconnected. Is there anything to be checked in the VPN config.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide