IPSEC VPN Client Drops

Unanswered Question

I'm currently migrating my remote access VPN system from an old Nortel box to an ASA infrastructure.

Mostly everything is great with the ASA system, beta users are reporting better speed and easier use. However, while I have never experienced dropped connections myself, there are a large number of reports of users getting kicked off the system unexpectedly. These users never had this issue on the Nortel system. It doesn't appear to be a timeout/inactivity issue.

Is it possible that the ASA VPN client is more sensitive to less than impressive network connections than the Nortel client? Is there any log I can check to find out the cause of the disconnects? Are there some parameters I can tune to help the connections stay active?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
umedryk Wed, 06/20/2007 - 14:22

show asp drop is very useful cmd to check the log.

Try this:

Adjust ISAKMP Keepalives using following cmd

crypto isakmp keepalive 15 5

This command would allow the ASA to send dead peer detection (DPD) messages to each other.


This Discussion