Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Auto Reconnect EZVPN Client in ASA to 3005 Concentrator

My network looks like this:

Dynamic Public IP:ISP Router:NAT<----->DHCP:ASA 5505:Private LAN

The above ASA connects back to a 3005 Concentrator using EZVPN.

The problem I am having is when the ISP connection sometimes drops, the ASA EZVPN does not instantly try to reconnect once the internet connection is reestablished. It eventually does, but sometimes it takes hours.

I know you can manually force it to reconnect by browsing to the ASA's webpage, but I don't users to have to do that all the time.

Is there a VPN connection retry command for the ASA EZVPN Client?

Also, when I power off and on the ASA, the VPN connection comes back up fine. Again, it would be ideal if users did not have to do that all the time.

Thanks

3 REPLIES
Bronze

Re: Auto Reconnect EZVPN Client in ASA to 3005 Concentrator

check if 'connect auto' has been configured to automatically bring the tunnels up when down. Have a look at this bug:CSCec87805

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800945cf.shtml

Gold

Re: Auto Reconnect EZVPN Client in ASA to 3005 Concentrator

is nem enabled? split tunneling?

vpnclient nem-st-autoconnect

make sure you also have the groupname/preshared key configured, and username/passwd if using xauth.

Community Member

Re: Auto Reconnect EZVPN Client in ASA to 3005 Concentrator

Here is my vpnclient config:

vpnclient server *************

vpnclient mode network-extension-mode

vpnclient nem-st-autoconnect

vpnclient vpngroup ***** password ********

vpnclient username [domainuser] password [domainpassword]

vpnclient enable

Am I missing something? Split tunneling is specified on the Concentrator side and is working when the tunnel is connected.

426
Views
0
Helpful
3
Replies
CreatePlease to create content