Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
334
Views
0
Helpful
1
Replies

VPN drops from new office locations through ASA, HELP

toao
Level 1
Level 1

‎09-16-2008 11:03 PM - edited ‎02-21-2020 03:56 PM

Hello everybody !

First let me say that I have looked through the forum to see if I could find the answer to my question, but I havent found it so here I go.

First a little background information.

My company have used Cisco VPN for the last 5 years without problems of any kind, we are running with the lates firmware and clients at the 3020 appliance.

I have min. 50 connections running for more than 8 hours everyday from 50 different locations, behind several different firewall setups. These firewalls are not my companys, but the customers.

Now my company has been bought by a bigger company,and we are experiencing problems with keeping a VPN connection from within this new company ???

They are using a ASA appliance as gateway, I havent got any configs from them, because they do believe that their setup is okay, but we haver never before noticed these problems with VPN drops.

The problem is that the VPN only runs for 5-10 minutes before the connection is lost, and if the user go to another location to test it worsk perfect, so I believe that the problems must be behind the ASA appliance.

But what should I look after ??

When the connection is lost the client just tells " the remote peer no longer responding "

I could post my own config but what would this help , when all our connections from other locations are working well ?

The problem exist in both TCP and UDP.

Hope that someone have a suggestion.

Kind regards Thomas

Labels:
0 Helpful
1 Reply 1

felixjai
Level 1
Level 1

‎09-17-2008 10:33 AM

If the VPN tunnel is established successfully (even for 5 min), meaning the phase 1 and 2 settings are ok. If it drops only after running for 5-10 minutes, there might be a keeplive setting that terminates the tunnel. Try turning on debugging on isakmp and ipsec on your VPNC3020. And ask to do the same on the other side (if they are willing to cooperate with you). You should see the cause from the debugs. If you have the debug logs and still not sure what causes it, please post it here so that we can all look at it and figure out.

0 Helpful
Customers Also Viewed These Support Documents