cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
219
Views
0
Helpful
1
Replies

IPSEC VPN Client Drops

lou_young
Level 1
Level 1

I'm currently migrating my remote access VPN system from an old Nortel box to an ASA infrastructure.

Mostly everything is great with the ASA system, beta users are reporting better speed and easier use. However, while I have never experienced dropped connections myself, there are a large number of reports of users getting kicked off the system unexpectedly. These users never had this issue on the Nortel system. It doesn't appear to be a timeout/inactivity issue.

Is it possible that the ASA VPN client is more sensitive to less than impressive network connections than the Nortel client? Is there any log I can check to find out the cause of the disconnects? Are there some parameters I can tune to help the connections stay active?

Thanks!

1 Reply 1

umedryk
Level 5
Level 5

show asp drop is very useful cmd to check the log.

Try this:

Adjust ISAKMP Keepalives using following cmd

crypto isakmp keepalive 15 5

This command would allow the ASA to send dead peer detection (DPD) messages to each other.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: