paolo bevilacqua Tue, 09/22/2009 - 00:20
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

Which timeout are you talking about ?

Connection timeout is like 45 secs actually.

xzjleo2005 Tue, 09/22/2009 - 02:07
User Badges:

It's TCP connection time out. In ASA, default setting is 1 hour. You can change it with command 'timeout conn 2:00:00'. Just want to know if there are any commands in router can change it.


Thanks. Leo

paolo bevilacqua Tue, 09/22/2009 - 03:23
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

Again, you should indicate what exact timeout are you talking about.

xzjleo2005 Tue, 09/22/2009 - 03:35
User Badges:

Actually our problem is the one application which base on telnet keep dropping out every 15 minutes in IPSec VPN environment (ASA to router). So I am checking if I can set the TCP connection time out in a longer value on router and ASA to resolve the issue.


Thanks. Leo

paolo bevilacqua Tue, 09/22/2009 - 03:37
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

Check the ipsec idle session timeouts.

xzjleo2005 Tue, 09/22/2009 - 16:01
User Badges:

Thanks for your reply.


I checked the ASA, the VPN tunnel has been up and running for more than 24 hours, so I don't believe it's tunnel up/down issue. Also all other applications are working fine except this telnet applications.


And the issue didn't happen when we used frame-relay circuit before, we just migrated to DSL VPN in last week. I added the CBWFQ on ASA and router, but it doesn't help.


Any other ideas?


Thanks. Leo

Actions

This Discussion