Auto Reconnect EZVPN Client in ASA to 3005 Concentrator

Unanswered Question

My network looks like this:

Dynamic Public IP:ISP Router:NAT<----->DHCP:ASA 5505:Private LAN

The above ASA connects back to a 3005 Concentrator using EZVPN.

The problem I am having is when the ISP connection sometimes drops, the ASA EZVPN does not instantly try to reconnect once the internet connection is reestablished. It eventually does, but sometimes it takes hours.

I know you can manually force it to reconnect by browsing to the ASA's webpage, but I don't users to have to do that all the time.

Is there a VPN connection retry command for the ASA EZVPN Client?

Also, when I power off and on the ASA, the VPN connection comes back up fine. Again, it would be ideal if users did not have to do that all the time.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
srue Wed, 05/14/2008 - 06:21

is nem enabled? split tunneling?

vpnclient nem-st-autoconnect

make sure you also have the groupname/preshared key configured, and username/passwd if using xauth.

Here is my vpnclient config:

vpnclient server *************

vpnclient mode network-extension-mode

vpnclient nem-st-autoconnect

vpnclient vpngroup ***** password ********

vpnclient username [domainuser] password [domainpassword]

vpnclient enable

Am I missing something? Split tunneling is specified on the Concentrator side and is working when the tunnel is connected.


This Discussion