ASA 8.0 and anyconnect, sessions drop

Unanswered Question
Oct 10th, 2007

I am using the anyconnect client, my ssl connections never technically drop, however, if I have a session open, such as telnet, throught the ssl tunnel, it will randomly drop. I have keepalive enabled yet I still ahve this issue. The IPSEC client does not have the issue.

has anyone else seen this issue?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Patrick Weir Wed, 04/09/2008 - 05:46

Carl did you ever get this resolved we are running into the same issue


Pat

Darthkim_2 Sun, 04/13/2008 - 13:16

Which version on ASA? on Client?


We've been troubleshooting some issues with our setup (5520 active/passive cluster) and our temporary fix were two things


1) reduce/Set the MTU to 1406 (in the tunnel)

2) disable DTLS.


Disabling DTLS did the most to alleviate these dropouts/performance issues.


Our particular set of apps that were affected were Outlook 2003 and SAP GUI 4.6. Disabling the DTLS made a tremendous difference.


For more explanation, please read the release notes of the ASA software version.

carl.r.schultz@... Thu, 10/02/2008 - 05:16

im my case, I identified two issue, first my ethernet interface had a duplex mismatch with my switch, second, the ACL on my Internet router was only allowing TCP 443 and not UDP 443. UDP is for the DTLS tunnel which works much better than the standard SSL tunnel.

Actions

This Discussion