problems with applications over vpn ipsec site-to-site

gdspa · ‎10-31-2008

Hi all,

I have some problems with some applications as Xcics and Citrix when client and server are connected through a vpn site-to-site. Clients don't seem to have any problem to connect to the server, but after a period of time, they disconnect even if users are working. Session is not closed correctly on server and stay hung, so users can't connect if the administrator doesn't close the session on the server. Some vpns pass through a Pix515E, others pass through a fwsm and an ASA5510. Does anyone knows something about this issue?

Farrukh Haroon · ‎11-04-2008

Have you enabled isakmp keepalives?

Regards

Farrukh

gdspa · ‎11-06-2008

Yes, and I have a software to monitor the connections which sends a ping every 1 minute. Disconnections happen when users are working, not after a period of inactivity.

ssandifer · ‎11-07-2008

Try increasing theses values..

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00

gdspa · ‎11-14-2008

I have controlled with ASDM.Values you indicate are unchecked on my firewall. ASDM guide says "unchecking the check

boxes means there is no timeout value", so the problem is not caused by timeouts, is it?

gdspa · ‎04-29-2010

I resolved the problem configuring connection timeout = 2 hours.

gdspa · ‎07-21-2010

problem solved, see my post of 29-apr-2009