Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ASA 5520 - ISA 2004 VPN Issues

Hello,

Just set up 2 ASA 5520s in an Active/Passive configuration at our off site hosting facility in order to replace our old Pix firewall.

We have an ISA2004 server at our office location which handles our traffic internally.

VPN from our office to our servers at our off-site location has been very "flakey"... it seems that the tunnel closes itself every 2-5 minutes without warning, which freezes the RDP/Explorer session to the off-site server...

Does ANYONE know about any issues concerning ASA5520-ISA2004 VPN?? The configuration on the ISA Server is the same as it was when everything worked on the PIX, and the ASA configuration is also the same as the PIX configuration was.

Thanks,

Chris

1 REPLY

Re: ASA 5520 - ISA 2004 VPN Issues

Hi Chris,

As a quick test, disable the Dead peer Detection on the ASA and make sure the ISAKMP life is to 8h on both machines.

Can you please paste the output of the debug crypto isakmp? Have you migrated from PIX 7.x or 6.x?

If this helped, please rate.

Regards,

Daniel

137
Views
0
Helpful
1
Replies
CreatePlease to create content