Re: VPN Client Disconnect after 4 hours

robert.ives · ‎07-24-2006

I have Cisco VPN clients connecting to a PIX515 and ever since I

upgraded to IOS v7.0(5) there has been a 4 hour time out on the VPN

tunnels. I've changed all of the timeouts I can find and the users

are still getting disconnected at 4 hours. Below are the timeout

settings on the firewall

group-policy vpnuser attributes

vpn-idle-timeout none

vpn-session-timeout none

arp timeout 14400

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00

timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout uauth 0:05:00 absolute

Thank for any help or suggestions

valconix · ‎07-24-2006

had a issue with l2l vpns with timeouts etc. etc.. after many hrs spend with changing timers etc. etc. problem went away when I upgraded to a 7.1x image.

robert.ives · ‎07-24-2006

I tried to run an 7.1x image and had lots of other problems with it randomly not allowing users to connect via vpn clients. The 4 hr limit was still there. I'm currently running 7.0(5).

Thanks again for any help

glen.messenger · ‎07-24-2006

Hi,

What have you configured the SA lifetime's to?

Glen.

robert.ives · ‎07-25-2006

isakmp policy 1 lifetime 86400

is this what you are referring to when you say SA lifetime?

Thanks for your time