07-24-2006 08:37 AM - edited 02-21-2020 02:32 PM
I have Cisco VPN clients connecting to a PIX515 and ever since I
upgraded to IOS v7.0(5) there has been a 4 hour time out on the VPN
tunnels. I've changed all of the timeouts I can find and the users
are still getting disconnected at 4 hours. Below are the timeout
settings on the firewall
group-policy vpnuser attributes
vpn-idle-timeout none
vpn-session-timeout none
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
Thank for any help or suggestions
07-24-2006 12:35 PM
had a issue with l2l vpns with timeouts etc. etc.. after many hrs spend with changing timers etc. etc. problem went away when I upgraded to a 7.1x image.
07-24-2006 02:31 PM
I tried to run an 7.1x image and had lots of other problems with it randomly not allowing users to connect via vpn clients. The 4 hr limit was still there. I'm currently running 7.0(5).
Thanks again for any help
07-24-2006 04:09 PM
Hi,
What have you configured the SA lifetime's to?
Glen.
07-25-2006 05:18 AM
isakmp policy 1 lifetime 86400
is this what you are referring to when you say SA lifetime?
Thanks for your time
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide