IPSec VPN disconnects after 2 minutes

Unanswered Question
Jan 27th, 2009

We recently replaced our PIX515e with an ASA5510. It is running 8.0.4 code. After we installed the ASA our IPSec remote access VPN connections have been dropping off after approximately 2 - 3 minutes (whether there is activity or not). Below is what I captured from the IPSec VPN client:

Cisco Systems VPN Client Version

Copyright (C) 1998-2009 Cisco Systems, Inc. All Rights Reserved.

Client Type(s): Windows, WinNT

Running on: 6.0.6001 Service Pack 1

Config file directory: C:\Program Files\Cisco Systems\VPN Client\

1 20:31:40.170 01/27/09 Sev=Warning/2 CVPND/0xA3400015

Error with call to IpHlpApi.DLL: CheckUpVASettings: Found IPADDR entry addr=, error 0

2 20:31:41.184 01/27/09 Sev=Warning/2 CVPND/0xA3400015

Error with call to IpHlpApi.DLL: CleanUpVASettings: Was able to delete all VA settings after all, error 0

The client was running Vista 32-bit SP1 as the underlying OS. I have verified all vpn-idle-timeout and isakmp timeout settings as well verified that there is no packet loss when this occurs. We have never encountered this issue until we made the switch to the ASA. Is this a known issue? Is there a bug ID associated to it?

Any info would be appreciated.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
simranjohar Tue, 02/03/2009 - 01:06

I was getting similar error messgaes. Happened to check my route table in vista machine when nothing else worked. Default route should be the gateway assigned to host machine. it worked after changing the default routes which vista was taking.

j-shearer Tue, 02/03/2009 - 05:41

I checked the Vista client and unfortunately it did not resolve the issue. Just as an FYI the exact same issue is occuring from XP clients as well.

Unfortunately I cannot view the details of the previous post - the bug ID is "Cisco Eyes Only".

craig.eyre Tue, 05/05/2009 - 13:25


I was wondering if you resolved your issue with your vpn dropping?


j-shearer Tue, 05/05/2009 - 14:37

Yes...it turned out that the issue was being caused by our Cisco ACS server. We had to perform a software upgrade.



This Discussion