ASA 8.0 and anyconnect, sessions drop

Unanswered Question
Oct 10th, 2007
User Badges:

I am using the anyconnect client, my ssl connections never technically drop, however, if I have a session open, such as telnet, throught the ssl tunnel, it will randomly drop. I have keepalive enabled yet I still ahve this issue. The IPSEC client does not have the issue.

has anyone else seen this issue?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Patrick Weir Wed, 04/09/2008 - 05:46
User Badges:

Carl did you ever get this resolved we are running into the same issue


Darthkim_2 Sun, 04/13/2008 - 13:16
User Badges:

Which version on ASA? on Client?

We've been troubleshooting some issues with our setup (5520 active/passive cluster) and our temporary fix were two things

1) reduce/Set the MTU to 1406 (in the tunnel)

2) disable DTLS.

Disabling DTLS did the most to alleviate these dropouts/performance issues.

Our particular set of apps that were affected were Outlook 2003 and SAP GUI 4.6. Disabling the DTLS made a tremendous difference.

For more explanation, please read the release notes of the ASA software version.

carl.r.schultz@... Thu, 10/02/2008 - 05:16
User Badges:

im my case, I identified two issue, first my ethernet interface had a duplex mismatch with my switch, second, the ACL on my Internet router was only allowing TCP 443 and not UDP 443. UDP is for the DTLS tunnel which works much better than the standard SSL tunnel.


This Discussion