09-21-2007 08:40 AM - edited 02-21-2020 01:41 AM
ASA 8.0(2)
ASDM 6.0(2)
All of a sudden our ASA 5520 stops responding to IPSEC clients trying to connect (both tcp/10000 and udp/4500). We don't even get any attempts in our logs. It works one day and stops working another. All other communication inbound/outbound works fine. WebVPN works fine for example.
Any ideas?
Rutger
09-27-2007 10:49 AM
The problem could be because of DPD's. Try to turn off the DPDs on the problematic client and also on the ASA. Go into the pcf on the problematic computer and set this equal to 1 and then on the ASA under the tunnel-group disable the isakmp keepalive (isakmp keepalive disable).
09-27-2007 11:18 AM
Thanks for your reply.
It is not only one client machine having troubles, but all of them. The ASA stops serving IPSEC VPN.
I will try with turning off DPD on the ASA and the client. The client is getting their settings from an ACS. Is it enough to disable it on the ACS group or do we have to disable it by editing the PCF?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide