Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
553
Views
0
Helpful
2
Replies

ASA not responding to IPSEC

Rutger Blom
Level 1
Level 1

‎09-21-2007 08:40 AM - edited ‎02-21-2020 01:41 AM

ASA 8.0(2)

ASDM 6.0(2)

All of a sudden our ASA 5520 stops responding to IPSEC clients trying to connect (both tcp/10000 and udp/4500). We don't even get any attempts in our logs. It works one day and stops working another. All other communication inbound/outbound works fine. WebVPN works fine for example.

Any ideas?

Rutger

0 Helpful
2 Replies 2

amritpatek
Level 6
Level 6

‎09-27-2007 10:49 AM

The problem could be because of DPD's. Try to turn off the DPDs on the problematic client and also on the ASA. Go into the pcf on the problematic computer and set this equal to 1 and then on the ASA under the tunnel-group disable the isakmp keepalive (isakmp keepalive disable).

0 Helpful

Rutger Blom
Level 1
Level 1
In response to amritpatek

‎09-27-2007 11:18 AM

Thanks for your reply.

It is not only one client machine having troubles, but all of them. The ASA stops serving IPSEC VPN.

I will try with turning off DPD on the ASA and the client. The client is getting their settings from an ACS. Is it enough to disable it on the ACS group or do we have to disable it by editing the PCF?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card