Cisco Support Community

VPN clients lose communication over time

From looking at the status of the VPN connections on the router I have noticed that over time IP addresses can go from a "working" state to a "broken" state where communication between the client machine and the Cisco device doesn't happen. In short, an IP address works fine for one machine earlier in the day, but a few hours later it is broken for another machine that picks up the address. The router shows "Bytes Tx: 0" (data transmitted back to the client) on each of these "broken" IP addresses.

Once a machine that was using a "broken" IP address receives a new IP address that hadn't been broken, it is able to communicate again. As other machines take over a "broken" IP address, they are then unable to communicate with the router. I have seen good IP addresses "break", but I have not seen an IP address that was "broken" go back to "working" again. A broken IP address may not get used for a little while (sitting in the address pool waiting to be re-assigned by the router), but once it is used again the machine that picks it up will be in a "broken" state.

When I did a "VPN-Tunnel bounce" (logoff remote) it didn't help, and may have caused things to become worse. When I did a "reload" on the router, the status of the router went from 34 connections working and 70ish broken to 107 working and 2 broken. A reload was done Monday and by Wednesday I have seen anywhere from 2-7 broken connections at any given time and growing (I have yet to see 100% of connections "working"). It also seems that an IP address only works the first time it is assigned (to a VPN client), and then it is unusable to any client it is assigned to after that.