02-18-2006 02:15 AM - edited 02-21-2020 12:43 AM
Hi All,
Have one pix 515E and is having a wried problem in it. We have a machine which connects through this pix to establish a VPN tunnel using a VPN Client S/W to a another company VPN Concentrator, The problem comes after 8 hours of consistent connectivity that the vpn client S/W drops the connection and we have to reconnect it, according to this company there VPN concentrator renews the IP address lease after 8 hours and most probably our PIX drops the connection and VPN tunnel disconnects. the difficult part in all this is that i installed the syslog and tried to find any abnormal behaviour for this problem, but nothing which would relate or help me to diagnous this problem.
our senario is like this:
we have one leased line from the ISP which is terminated on the PIX.
we have group of IPs alloted by ISP to use
we have a static translation between this VPN machine IP to one outside IP.
we have access-lists allowing specific ports and protocols for this VPN client machine for both interfaces
we have isakmp nat-traversal enable on the PIX
the timeout values are as following. (default)
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
one important thing, if i connect the VPN tunnels without bringing the PIX in between connection, it does not disconnects and that is the reason i know it's the pix which is at some point making all the problem.. and yes there is no autodisconnection feature of this VPN client S/W
02-23-2006 01:40 AM
just want to thank you to everyone, just wanted to share that the problem is diagnosed and it has nothing to do with PIX or it's configuration, it is related to windows 2000 operating system. if anyone ever come across this issue kindly follow the link below.
http://support.microsoft.com/default.aspx?scid=kb;en-us;818043
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide