Easy VPN tunnel issue

Unanswered Question

I have 4 - 871's running 12.4(T8) that connect to an ASA running 8.x code utilizing EasyVPN. The problem is that 2 of the 871's connect and pass traffic without issue but the other 2 connect only for about 5 minutes. The configuration are all the same aside from ip's. I'm running the EasyVPN's in network extension mode. The weird thing is that they can pass traffic for about 5 minutes but following that they can not. ISAKMP and IPSEC stay connected and all appears as though it should be working but it doesn't.

871 config.

ip dhcp excluded-address


ip dhcp pool POOL1

import all





domain-name microchip.com

lease 3


crypto ipsec client ezvpn hw-client

connect auto

group EasyVPNGroup key xxxxxx

mode network-extension

peer x.x.x.x

username mchp_easyvpn password xxxxxx

xauth userid mode local





interface FastEthernet0


interface FastEthernet1


interface FastEthernet2


interface FastEthernet3


interface FastEthernet4

ip address dhcp client-id FastEthernet4

ip virtual-reassembly

duplex auto

speed auto

crypto ipsec client ezvpn hw-client


interface Vlan1

description LAN

ip address

ip tcp adjust-mss 1400

crypto ipsec client ezvpn hw-client inside

ASA: I created an EasyVPNGroup.

group-policy EasyVPNGrpPolicy internal

group-policy EasyVPNGrpPolicy attributes

vpn-simultaneous-logins 10

vpn-idle-timeout none

vpn-session-timeout none

vpn-tunnel-protocol IPSec

password-storage enable

ip-comp disable

re-xauth disable

pfs enable

ipsec-udp disable

ipsec-udp-port 10000

nem enable

no nat's and routes are all setup and working.

Just curious if anyone has had a similiar issues or any thoughts would be appreciated.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion