ASA with RAS vpn and Xlate problems

Unanswered Question
Nov 5th, 2007

I have an ASA with the Ras vpn configured and working. The problem is that many times after Ive connected to the vpn then disconnected, I cannot vpn back into the network unless I manually login into the firewall and clear xlate.

then the vpn works fine again. This happens every few days. Does anyone know if there is some kind of timeout value causing this problem.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jsivulka Mon, 11/12/2007 - 11:34

You have to either reload or clear xlate to clear the problem, is there a more permanent solution. Also you can do a "show conn" to verify how many connections on the Firewall at anyone time. For automatic xlate clearing, you can adjust the xlate timeout using the "timeout xlate" command, eg, the default parameters for the "timeout xlate" command is, timeout xlate 3:00:00 conn 1:00:00 half-closed 0:10:00 udp 0:02:00


This Discussion