Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Takes long time to close/shutdown a bloken link (Ver. 3.6 and nat-t)

I have notice that if a client get disconnect abnormally (not the users that close)

And they are connecting through IPSec over TCP (NAT-T) it takes about 4-5 min before the concentrator close the connection. And the users is listed as active under “monitor session”

Have I overlook any new thing in version 3.6? Like connection time out???

2 REPLIES
Bronze

Re: Takes long time to close/shutdown a bloken link (Ver. 3.6 an

Be sure keepalives are enabled.

From http://www.cisco.com/univercd/cc/td/doc/product/vpn/vpn3000/3_6/config/usermgt.htm#xtocid22

"If you disable IKE keepalives, connections with unresponsive peers remain active until they time out, so we recommend you keep your idle timeout short. To change your idle timeout, see the Configuration | User Management | Groups | Add screen, General tab."

New Member

Re: Takes long time to close/shutdown a bloken link (Ver. 3.6 an

Thaks for the replay! I was aware about the ike keep alive so that’s not the problem. The think is that is only when you are connection via ipsec over tcp and gets disconnection abnormally I see this problem? So I doubt it’s the idle time (15 min).

111
Views
4
Helpful
2
Replies
CreatePlease to create content