ASA 8.0 and anyconnect, sessions drop

carl.r.schultz · ‎10-10-2007

I am using the anyconnect client, my ssl connections never technically drop, however, if I have a session open, such as telnet, throught the ssl tunnel, it will randomly drop. I have keepalive enabled yet I still ahve this issue. The IPSEC client does not have the issue.

has anyone else seen this issue?

Patrick Weir · ‎04-09-2008

Carl did you ever get this resolved we are running into the same issue

Pat

stormfidus · ‎04-10-2008

I have experienced the same issue, and also interrested in how to solve it..

Darthkim_2 · ‎04-13-2008

Which version on ASA? on Client?

We've been troubleshooting some issues with our setup (5520 active/passive cluster) and our temporary fix were two things

1) reduce/Set the MTU to 1406 (in the tunnel)

2) disable DTLS.

Disabling DTLS did the most to alleviate these dropouts/performance issues.

Our particular set of apps that were affected were Outlook 2003 and SAP GUI 4.6. Disabling the DTLS made a tremendous difference.

For more explanation, please read the release notes of the ASA software version.

purohit_810 · ‎04-13-2008

See your NAT statement...

benbollinger · ‎10-02-2008

did anyone get resolution on this?

carl.r.schultz · ‎10-02-2008

im my case, I identified two issue, first my ethernet interface had a duplex mismatch with my switch, second, the ACL on my Internet router was only allowing TCP 443 and not UDP 443. UDP is for the DTLS tunnel which works much better than the standard SSL tunnel.