07-16-2009 04:49 AM
Hello,
Since a couple of weeks we have an issue we did not have before. When an IPSEC VPN client is connect to an ASA 5520 after a certain amount of time the user is asked to re-authenticate with the radius server.
I have checked the policies etc and could not find anything in the time-out options which would cause this.
Anyone here know anything about this that could help us solve the issue.
The users should just be able to login once and then keep the connection active forever without the need to reauthenticate.
System is an ASA 5520 with 8.2.1 software installed. Could it be that the change ocurred when we changed to the new software a couple of weeks ago?
Thanks
07-21-2009 07:23 AM
Version 8.2 should keep the same command sintaxys and stuff, so you might want to look at the group policy and search for "reauthentication on rekey" feature, this causes that everytime the keys expire and the connection is still active the user is asked for xauth again. If the feature is on, this will happen so you may want to make sure it is off.
07-21-2009 10:33 PM
Ok, had a look at that and this was set. Altered the feature and seems to be working better now. Thanks!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide