Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
441
Views
0
Helpful
5
Replies

VPN sessions disconnects often on PIX 6.3 ver.

Anand Narayana
Level 6
Level 6

‎07-03-2007 10:11 PM

Hi,

we have establised site-to-site vpn & it is been working for quite a long time, now the problem is very often say 30-40 ping requests i get 4-5 request timed out, that time my ssh sessions via vpn getz disconnectz & again i need to start a separate ssh session to the vpn to my remote end. the vpn's public IP address pings perfect without any request timed out, only problem is the vpn private address where i face the problem, i doubted the ISP, but they are very clear the there is no packet drop. can you help me this regd. what went wrong & what is making my vpn sessions getting disconnecting often?

Note: there is no problem on the remote end server also, its not only with 1 ip address on the remote, itz for all the private ip address. & that it is happening only from my end & not from any of our other networks, bcoz they can ping perfect & working fine when connecting to the remote end where my vpn is also connected.

Labels:
0 Helpful
5 Replies 5

timkaye
Level 1
Level 1

‎07-03-2007 11:18 PM

Hello.

Are you saying the that the remote site, via VPN is workinig perfectly for any other site with the exception of one host at one sit?

Tim

0 Helpful

Anand Narayana
Level 6
Level 6
In response to timkaye

‎07-03-2007 11:24 PM

k lemme explain the scenario,

HQ in US, all the other branch officess site-to-to site vpn is working perfect which is connected to HQ, only my vpn session(which is one of the branch) is getting disconnected often.

i tried a continuous ping to the HQ public ip address, it is pinging perfectly, but when i tried pinging the private ip address via VPN, i get request timed out 1ce in every 30-40 pings, bcoz of this, when i do an SSh to the servers in my HQ, the SSH sessions are getting disconnected.

0 Helpful

timkaye
Level 1
Level 1
In response to Anand Narayana

‎07-03-2007 11:30 PM

Thanks

i understand. And you do not have this problem at another site?

Can you confirm the configs for lifetimes are the same at each end?

0 Helpful

jaffer_sathik2010
Level 1
Level 1

‎07-04-2007 01:38 AM

Hi,

I also suspect that this might be because of timeout values. so, can you please increase the isakmp 'ideal timeout' value as well as isakmp 'keep alive' value and let me know the result ?

--Jaffer

0 Helpful

Anand Narayana
Level 6
Level 6
In response to jaffer_sathik2010

‎07-08-2007 12:24 AM

Hey Tim & Jaffer,

thanks for ur reply, actually the probz is not related in watt u hav mentioned, the actually probz is there are 2 static routes given to my pix in the remote location, so thatz the reason it vpn was disconnecting often.

since the remote end internet load babalcer has given routes with 2 different ISP's ip address, where the load balancing was not performing properly, the probz has occured. later that probz has been rectified and it is working fine & i hav confirmed after observing it for 1 day.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents