I have a Cisco VPN Client that must remain connected throughout the business day. The session disconnects approxamately every 2 hours. Is there an inactivity timeout that can be increased to allow an 8-10 hor connection?
What version of the vpn client and what version of the pix code are you running? I assume that the pix is the ipsec gateway, that is it terminates the ipsec tunnel to the client, am I correct?
In the case of pix 6.3 being the gateway, there are two parameters with respect to the vpngroup (easy vpn server) config that come into play, the idle- and max-time parameters. The values that the client uses are these as they get pushed from the pix to the client. If this is your case, you will need to have them adjusted.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...