Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

ODBC connection times out / drops over PIX 515e site to site VPN

I have a site to site VPN setup using a PIX 515e as the hub termination point at our data center. I have a PC at the remote site that traverses that PIX to get to a database on an IBM AIX server at the data center. This database connection never used to time out or drop prior to putting them on this VPN connection. (The site used to be directly connected with a 64k link). The entire site never drops or goes down, we have several monitors in place monitoring routers/servers etc. at that site that remain solid even when this database connection dies. Any thougts on how/why this db connection is continually dropping regardless of activity? Thank you.

2 REPLIES

Re: ODBC connection times out / drops over PIX 515e site to site

It could be the vpn related idle-timeout or a generic timeout on the PIX firewall.

You would have to monitor the 'show conn det | inc ' on the PIX to see if the PIX idle timer is reaching the configured timers.

Regards

Farrukh

Silver

Re: ODBC connection times out / drops over PIX 515e site to site

I ran into an exact situation like yours, remote

PC with ODBC connection to an IBM AIX Server

running DB-2 database over a VPN with Pix as

the VPN termination. The ODBC connection

timeout even when the VPN tunnel is up and

running (I can confirm this because I have

a constant ping from the PC to the AIX Server

and with no ping loss.

I resolved the issue by terminating the VPN to

a Cisco 2811 router and just let the Pix

inspect the traffic after the traffics get

encrypted/decrytpted by the VPN router. After

that, the issue goes away.

I was under pressure to make this work so I

did not spend much time troubleshooting the VPN with Pix as the VPN termination endpoint,

but it is definitely the pix that caused this.

523
Views
0
Helpful
2
Replies
CreatePlease to create content