VPN Client(s) getting disconnected

Unanswered Question
Jun 25th, 2008

We recently converted our VPN from a 3000 series concentrator to an ASA5520. Out of the 60 or so folks that connect frequently, I have at least 2 that are having a recurring problem. They connect into the VPN just fine. They're able to access all resources just fine. However, at various points in time, their tunnel drops and they lose connectivity. According to the logs on the ASA5520 the reason for the disconnect for that particular person was "User Requested". When looking at the logs from the PC, there are only three entries. I'll add both the ASA logs, filtered for this user's ID, and the VPN Client log file. I've searched and found items similar to this but with no actual fixes.

BTW - We currently have the timout settings (max time, max idle) disabled. This was done as a troubleshooting measure for this.

Any help would be appreciated.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
trodecke Thu, 06/26/2008 - 05:55

That's possible. But it happens at multiple locations (his house, a hotel, hotspot, etc). It's also possible that it's his wireless NIC since he seems to have better luck when he's using his Sprint card. What makes it strange is that he didn't start reporting the problem until we migrated to the ASA.

purohit_810 Fri, 06/27/2008 - 19:51

I think this is caveat ID:

CSCea35592

The VPN Client event log displays the following events on Windows 2000 and/or Windows XP systems:

76 14:14:51.082 03/04/03 Sev=Warning/2 CVPND/0xA3400011

Could not find (null) in IpHlpApi.DLL

These events will only appear on operating systems that use the Virtual Adapter (Windows 2000 and Windows XP).

Can you change Your IOS and check once more.

Thanks,

Dharmesh Purohit

mkineen@ins.com Thu, 06/26/2008 - 10:01

Trodecke,

This isn't exactly a reply but I am having a very similar experience on a pair of VPN 3000 cons. These have been in place for a couple of years but over the last couple of weeks, I have been receiving reports of disconnects after a period of time. When I examine the logs, I see very similar issues. IKE key is deleted with reason: no reason given, then user is disconnected with a reason as "User Requested." I cannot seem to find a cause. Please post if you find anything out.

Thanks!

purohit_810 Fri, 06/27/2008 - 19:54

Status

Fixed

Severity

1 - catastrophic

Last Modified

Any Time

Product

Cisco IOS software

Technology

1st Found-In

12.0(24)W5(26b)

Known Affected Versions

Fixed-In

12.0(24)W5(25.24)

12.1(18.3)E

12.1(14)EB

12.0(24.4)W5(27.0.9)

Dharmesh Purohit

trodecke Mon, 06/30/2008 - 05:48

Thanks Dharmesh,

This is an ASA5520, not a Cisco router running IOS. When I do a 'sh ver' I get the following;

asa5520-plz# sh ver

Cisco Adaptive Security Appliance Software Version 7.0(7)

Device Manager Version 5.0(7)

There is no mention of IOS 12.X in there anywhere. Thanks.

Actions

This Discussion