09-15-2008 08:07 AM - edited 02-21-2020 03:56 PM
I have a user that gets disconnected from an ASA5510. I enabled logging on the client and this is what I see.
970 09:39:12.715 09/15/08 Sev=Info/4 IKE/0x6300004B
Discarding IKE SA negotiation (I_Cookie=BE155E4798484A5A R_Cookie=DE7678029A65C866) reason = PEER_DELETE-IKE_DELETE_UNSPECIFIED
971 09:39:12.715 09/15/08 Sev=Info/4 CM/0x63100013
Phase 1 SA deleted cause by PEER_DELETE-IKE_DELETE_UNSPECIFIED. 0 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system
972 09:39:12.715 09/15/08 Sev=Info/5 CM/0x63100025
Initializing CVPNDrv
973 09:39:12.715 09/15/08 Sev=Info/6 CM/0x63100031
Tunnel to headend device xxx.xx.xx.xxx disconnected: duration: 0 days 1:14:13
974 09:39:12.730 09/15/08 Sev=Info/6 CM/0x63100046
Set tunnel established flag in registry to 0.
975 09:39:12.730 09/15/08 Sev=Info/4 IKE/0x63000001
IKE received signal to terminate VPN connection
What could be causing this problem? Thanks.
09-19-2008 07:00 AM
If the idle timeout is set to 30 minutes (default), it means that it drops the tunnel after 30 minutes of no traffic passes through it. The VPN client gets disconnected after 30 minutes regardless of the setting of idle timeout and encounters the PEER_DELETE-IKE_DELETE_UNSPECIFIED error.
Configure "idle timeout" and "session timeout" as none in order to make the tunnel always be up and so that the tunnel is never dropped.
01-08-2009 10:47 AM
Hi Brian,
Did you resolve your issue?
Craig
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide