VPN Tunnel lost after some big Filetransfers

Unanswered Question
Dec 10th, 2008

Hi Forum

Some Users reporting the vpn tunnel will stop working after some time (while there working) or after some succesfully huge datatransfers.

VPN Endpoint is a Concentrator 3030

VPN Client is 4.6.x

We have about 300 Clients running without problem and some around 10 who are reporting this problems.

On the client site we turned on the logging and see nothing, the logging stops at the time where the connection is dead. On Concentrator site we see only the disconnect from the client (user requested) cause he reconnect the connection.

At the same time other clients working without problem. So I can say there is not a general problem with the internetlink or something in our enterprise network.

The one and only difference I know is that our normal users have a ADSL connection at home and the problem users have a bigger link like vdsl or cable.

Any hints for this problems?

Thank you and have a nice one

Markus Forrer

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
amritpatek Tue, 12/16/2008 - 07:46

Make sure that

•If the VPN Client is located behind a device that performs Network Address Translation (NAT)/Port Address Translation (PAT), make sure that the translation does not timeout for the VPN Client.

•Make sure the IKE keepalives are enabled. In some situations, it is necessary to disable this feature in order to solve the problem, for example, if the VPN Client is behind a Firewall that prevents DPD packets. In order to disable the IKE keepalives, complete these steps:

Choose Configuration > User Management > Groups.

Choose a VPN Client group that you work with, and click Modify.

On the IPSec tab, uncheck the IKE Keepalives box. Check the timeout settings on the VPN Concentrator and on the VPN Client. The timeout settings are found on the General tabs of the base group, group, and user settings. Choose Configuration > User Management.

craig.eyre Thu, 01/08/2009 - 10:42

Hi Markus,

Did you find a solution for your problem? Let me know as I may have something for you to check.

Craig

markus.forrer Thu, 01/08/2009 - 23:45

Hi Craig.

Jep sorry for the late answear.

Solution was Cisco VPN Client 5.x.

Thnx to all.

Regards

Markus Forrer

Actions

This Discussion