Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Remote VPN client session disconnects after being idle for 5 minutes

I have a problem with my remote vpn client setup that everytime I became idle for 5 minutes my remote vpn connection is being disconnected. But the PIX firewall is configured to use the default idle timeout which is 30 minutes.

I'm using the following software for this setup:

Client: Cisco VPN client ver 4.8.02

Server: PIX 515E, ver 8.0(2)

Following is the global timeout settings in firewall:

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout uauth 0:05:00 absolute

Any suggestions?

Thanks,

Mahlory

7 REPLIES
New Member

Re: Remote VPN client session disconnects after being idle for 5

These global timeout settings are not relevant for VPN timeouts.

On the group policy in question, please add the following statement:

group-policy attributes

vpn-idle-timeout none

HTH

New Member

Re: Remote VPN client session disconnects after being idle for 5

The firewall is configured to use the default timeout which is 30 minutes.

See attached screen shot.

Thanks,

Mahlory

New Member

Re: Remote VPN client session disconnects after being idle for 5

Check the group-policy specific timeout:

group-policy clientgroup attributes

vpn-idle-timeout 20

New Member

Re: Remote VPN client session disconnects after being idle for 5

Hi,

I tried to set the group-policy specific timeout as below:

group-policy DfltGrpPolicy attributes

vpn-idle-timeout 50

Still my vpn session timeout after idle of 5 minutes.

Thanks,

Mahlory

New Member

Re: Remote VPN client session disconnects after being idle for 5

I noticed that if I set the timeout less than 5 minutes the timeout settings works but if the timeout is more than 5 minutes ie. 10, 20, 30, 60 mins, the vpn session still disconnects after 5 minutes.

From my vpn client logs I can see that the VPN gateway sends a RST to close the connection after 5 minutes idle.

Is this a bug or there is some other settings in the firewall that I need to check?

Regards,

Mahlory

New Member

Re: Remote VPN client session disconnects after being idle for 5

I had the same issue.

Documentation says to edit Group policy.

As you are aware, it does not change the behavior.

I found a solution using the ASDM.

Go to Configuration, VPN, General.

Edit the Tunnel Group, select the IPSec tab, and change the ISAKMP Keepalive.

I changed the Monitor keepalives, Confidence Interval to 1800 (seconds) kept the retry at 2.

Apply and Save changes.

test your vpn client.

Mine stayed connected for 29 min and change before disconnect.

Hope this helps.

New Member

Re: Remote VPN client session disconnects after being idle for 5

Mahlory,

Did you get this issue resolved?

Craig

4494
Views
0
Helpful
7
Replies