Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1165
Views
0
Helpful
3
Replies

VPN concentrator 3020 - wait for user logout before poweroff

Go to solution
Bela Mareczky
Level 1
Level 1

‎05-06-2010 04:56 AM

Dear Forum Community!

We have a Cisco 3020 concentrator VPN load-balancing cluster configured, the device at primary site operating with master priority. We would like to shut down the master device because of a short maintenance.

I wonder if there is an option in VPN concentrator GUI, which waits for all active sessions to voluntary terminate before shutdown/reboot. Does anybody have any experience about this feature?

There are always ~80-100 remote access VPN user online, and don't want to break these user's connections with a simple poweroff.

Thanks and BR

Belabacsi

Budapest, Hungary

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
slmansfield
Level 4
Level 4
In response to slmansfield

‎05-06-2010 09:25 AM

I just wanted to clarify two things.

I always save my configuration file ahead of rebooting.  That is why I reboot without saving. I think my wording may have been misleading. 

If you require your clients to re-authenticate the VPN session after a specified period of time, for example 10 hours, the VPN session will be moved to another cluster member when the session is re-authenticated.  Each client won't have to re-establish the VPN session on another concentrator in the cluster.   If you are not using this feature you'll have to wait until each of them terminates his VPN session.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
slmansfield
Level 4
Level 4

‎05-06-2010 09:06 AM

Yes, I have a lot of experience with that feature, it is wonderful.  The setting to change is:

Administration -> System Reboot

Click the radio button for:  Shutdown without automatic reboot

Click the radio button for whatever is appropriate for saving your configuration file.  I always make sure my configuration file is saved, so I usually chose: Reboot without saving active configuration file

Last, and most important, click the radio button for Wait for sessions to terminate (don't allow new sessions)

If the device is the cluster master, one of the other cluster members will immediately take over as the master.

I have never had a problem with this disrupting service.  It is a great feature for managing changes without disrupting anyone.

HTH

0 Helpful

Go to solution
slmansfield
Level 4
Level 4
In response to slmansfield

‎05-06-2010 09:25 AM

I just wanted to clarify two things.

I always save my configuration file ahead of rebooting.  That is why I reboot without saving. I think my wording may have been misleading. 

If you require your clients to re-authenticate the VPN session after a specified period of time, for example 10 hours, the VPN session will be moved to another cluster member when the session is re-authenticated.  Each client won't have to re-establish the VPN session on another concentrator in the cluster.   If you are not using this feature you'll have to wait until each of them terminates his VPN session.

0 Helpful

Go to solution
Bela Mareczky
Level 1
Level 1
In response to slmansfield

‎05-07-2010 11:55 PM

Dear slmansfield!

Thanks for Your answer! Great feature, working perfectly! :-)

Regards,

Belabacsi

0 Helpful
Customers Also Viewed These Support Documents