IPSec VPN resets H323hostcall connection after 1 hour

Unanswered Question
Aug 22nd, 2010

Hello everyone,

I've an IPSec tunnel between Cisco ASA5540 and Cisco 2851. I use this tunnel for Video conferenc calls as well where I am facing a wiered problem.

Problem statement:

IPSec tunnel resets h323hostcall TCP connection ( on TCP port 1720) after 1 hour and call gets disconnected. I've gathered logs on both VC (Video conference) client and gatekeeper side and saw resets as follows:

On Client side( behind 2851): a TCP reset sent by Gatekeeper( behind ASA)

On Gatekeeper side            : a TCP reset sent by client

Now i dont see any TCP reset generated on client or Gatekeeper itself which means these are generated by ASA and sent both ways. I even configured conn and h252 idle timeout to be 2 hours on ASA ( default is 1 hour on ASA) but its still same.

Please let me know if there's anything missing.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Jitendriya Athavale Mon, 08/23/2010 - 01:35

hmmm, can you please send us the logs and captures on asa

here is the link which will help you take logs and captures


you can filter them based on src and dst ip and and also start collecting them during this time range approx 58-59mins, the reason being since its video traffic the captured data may be too much to upload if we collect captures for more than few mins

please log at level 6 or 7


This Discussion