Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

remote vpn disconnect automatically ???

I use vpn client 4.8 and pix 501. everything is working fine. but vpn client disconnect from pix automatically time to time, I have to reconnect and work again? It's not the idle problem. Here is the "show ver" output

!!!!!!!!!!!!!!!!!!!!!

vpntest(config)# show ver

Cisco PIX Firewall Version 6.3(3)

Cisco PIX Device Manager Version 3.0(1)

Hardware: PIX-501, 16 MB RAM, CPU Am5x86 133 MHz

Flash E28F640J3 @ 0x3000000, 8MB

BIOS Flash E28F640J3 @ 0xfffd8000, 128KB

0: ethernet0: address is 0011.937d.fead, irq 9

1: ethernet1: address is 0011.937d.feae, irq 10

Licensed Features:

Failover: Disabled

VPN-DES: Enabled

VPN-3DES-AES: Enabled

Maximum Physical Interfaces: 2

Maximum Interfaces: 2

Cut-through Proxy: Enabled

Guards: Enabled

URL-filtering: Enabled

Inside Hosts: 10

Throughput: Unlimited

IKE peers: 10

This PIX has a Restricted (R) license.

!!!!!!!!!!!!!!!!!!!!!!

Only me using vpn and I only access one internal server. Need help.

Thanks.

1 REPLY
Silver

Re: remote vpn disconnect automatically ???

Please disable all of the isakmp keepalives which can help if the disconnect due to loss of DPD packets.

If that does not help then try to enable idle timeout to unlimited. To do this, make the vpn-idle-timeout to none on the group-policy attributes

Finally, make sure all clients the DPD setting is set to maximum which is 480 seconds. There is a configuarable peer response timeout which is defaulted to 90 seconds. To adjust the setting, enter the number of seconds in the Peer response timeout field.

The VPN Client continues to send DPD requests every 5 seconds, until it reaches the number

of seconds specified by the Peer response timeout value.

305
Views
0
Helpful
1
Replies
CreatePlease login to create content