08-13-2002 05:56 AM - edited 02-21-2020 11:59 AM
Does anyone know if there is a problem with long term vpn connection to the PIX with the vpn client. Users can stay connected (over dsl or cable) for a few hours then get bumped. Also at what interval do the reapers messages get sent out, and how many can you miss before the tunnel is torn down.
Thanks
08-20-2002 01:41 PM
Hi,
I think it might just be a case of the clients going past the idle timeout value, you can set this on the PIX configuration for them not to timeout by setting the value to 0. Additionally anything above v6.x on the PIX will have the DPD messages between the two sides, and missing 5 DPD's will cuase the connection to be terminated.
Hope this helps,
Regards,
Aamir
-=-
09-08-2002 10:28 AM
I'm not sure this is your exact problem but it may help. I found this in the Release Notes for Cisco VPN Client for Windows release 3.5.1 page 9.
Just do a Find File on *.pfc to do find the file mentioned below.
Allowing the VPN Client to Work Through ESP-Aware NAT/Firewalls
When using the VPN Client behind an ESP-aware NAT/Firewall, the port on the
NAT/Firewall device may be closed due to the VPN Clients keepalive
implementation, called DPD (Dead Peer Detection). When a Client is idle, it does
not send a keepalive until it sends data and gets no response.
To allow the VPN Client to work through ESP-aware NAT/Firewalls, add the
following parameter and setting to the [Main] section of any *.pcf (profile
configuration file) for the affected connection profile.
ForceKeepAlives=1
This parameter enables IKE and ESP keepalives for the connection at
approximately 20 second intervals.
For more information, see Connection Profile Configuration Parameters in the
VPN Client Administrator Guide.
09-10-2002 09:40 AM
on the client machine do a search for *.pcf and bring up that file and at the bottom where it says forcekeepalives set that to 1 and then when you have the client vpn dialer up go to options and properties and set the peer response timeout to 480
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide