VPN 3005 filters stop working after 10 to 15 minutes ?
I recently moved my 3005's public interface directly to the Internet (was behind PIX on DMZ). I created an appropriate filter set for the public Interface - blocking all management ports etc... and allowing traffic vpn traffic.
( I found out that icmp HAS to be enabled to allow clients to connect..)
After applying the filters, I can connect successfully for approximately 10 to 15 minutes... after that time I can no longer connect or ping the concentrator until it is rebooted.
I have tried using a lot of combinations of filters in different orders as well as the ANY-IN and ANY-OUT filter as well.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...