Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Easy VPN tunnel issue

I have 4 - 871's running 12.4(T8) that connect to an ASA running 8.x code utilizing EasyVPN. The problem is that 2 of the 871's connect and pass traffic without issue but the other 2 connect only for about 5 minutes. The configuration are all the same aside from ip's. I'm running the EasyVPN's in network extension mode. The weird thing is that they can pass traffic for about 5 minutes but following that they can not. ISAKMP and IPSEC stay connected and all appears as though it should be working but it doesn't.

871 config.

ip dhcp excluded-address


ip dhcp pool POOL1

import all






lease 3


crypto ipsec client ezvpn hw-client

connect auto

group EasyVPNGroup key xxxxxx

mode network-extension

peer x.x.x.x

username mchp_easyvpn password xxxxxx

xauth userid mode local





interface FastEthernet0


interface FastEthernet1


interface FastEthernet2


interface FastEthernet3


interface FastEthernet4

ip address dhcp client-id FastEthernet4

ip virtual-reassembly

duplex auto

speed auto

crypto ipsec client ezvpn hw-client


interface Vlan1

description LAN

ip address

ip tcp adjust-mss 1400

crypto ipsec client ezvpn hw-client inside

ASA: I created an EasyVPNGroup.

group-policy EasyVPNGrpPolicy internal

group-policy EasyVPNGrpPolicy attributes

vpn-simultaneous-logins 10

vpn-idle-timeout none

vpn-session-timeout none

vpn-tunnel-protocol IPSec

password-storage enable

ip-comp disable

re-xauth disable

pfs enable

ipsec-udp disable

ipsec-udp-port 10000

nem enable

no nat's and routes are all setup and working.

Just curious if anyone has had a similiar issues or any thoughts would be appreciated.