VPN Client needs to re-authenticate

Unanswered Question
Jul 16th, 2009
User Badges:


Since a couple of weeks we have an issue we did not have before. When an IPSEC VPN client is connect to an ASA 5520 after a certain amount of time the user is asked to re-authenticate with the radius server.

I have checked the policies etc and could not find anything in the time-out options which would cause this.

Anyone here know anything about this that could help us solve the issue.

The users should just be able to login once and then keep the connection active forever without the need to reauthenticate.

System is an ASA 5520 with 8.2.1 software installed. Could it be that the change ocurred when we changed to the new software a couple of weeks ago?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Ivan Martinon Tue, 07/21/2009 - 07:23
User Badges:
  • Cisco Employee,

Version 8.2 should keep the same command sintaxys and stuff, so you might want to look at the group policy and search for "reauthentication on rekey" feature, this causes that everytime the keys expire and the connection is still active the user is asked for xauth again. If the feature is on, this will happen so you may want to make sure it is off.

Arp_Hiemstra Tue, 07/21/2009 - 22:33
User Badges:

Ok, had a look at that and this was set. Altered the feature and seems to be working better now. Thanks!


This Discussion