Telnet sessions over VPN are dropping

jimgrumbles · ‎03-05-2008

We have many site to site VPNs terminating into an ASA5520. The remote sites have PIX 501s. I've been hearing a lot of complaints about the telnet sessions dropping randomly or locking up. This usually coincides with Outlook saying it has lost connection to the Exchange server.

I've tried everything from setting the "sysopt connection tcpmss" to 1300 at all remote sites and the central site and increasing the "timeout conn" anywhere from 1 hour to 24 hours. None of this has helped.

My last guess is the fact that we've been maxing out our symmetrical 6mbps connection to the internet for at least 6 months now. Would the fact that its seeing pretty much 100% utilization cause these telnet sessions and/or VPN tunnels to drop?

Also, would setting the tcpmss size to 1300 cause more disconnections at all? Some guy at one of the sites is complaining that things got worse.

hadbou · ‎03-11-2008

When the telnet users are kicked out, do you see the tunnel go down? Also, do you see any disconnection message either on the telnet client or on the server? I've seen several disconnection issues on telnet, ssh, ftp.... sessions over vpn and most of the

time they are because timeouts.

jimgrumbles · ‎03-20-2008

I think the entire tunnel may be dropping because they're also saying that Outlook loses connection as well. I've played with the timeout settings a ton.