Cisco ASA 8.4(5) VPN issue - VPN works but delay in user traffic
I currently run a VPN to a third party. We dont have any issues with the communication generally and I've tested traffic to the web application from user PC, through the firewall and to the appliocation itself. A TCPING shows a timely connection with vey low link usage throughout.
The application works fine for the users when used constantly however if the user leaves the web application open then returns 5 minutes later they have all kinds of fun with a 30 second to a minute timeout for a serach to come back. We see the 3 packet handshake complete quickly enough though. Once the timeout and seach is complete and they continue to use the application all is well again until they leave the app.
This has only started to happen over the last month or so in an otherwise successful application. The VPN remains up through out the issue and the supplier of the app doesn't have any issues with any other clients (I've heard that somewhere before but I belive them this time).
As a network guy I've always joked its never the network, we just carry everyone elses problem and deliver them as quickly as possible but this time i'm convinced there is something on the VPN I can check, a timeout value or something.
Could someone with far more experience than me with VPN give me some clues possibly as to where I could go looking for a potential issue. Vague I know but there you are.
Re: Cisco ASA 8.4(5) VPN issue - VPN works but delay in user tra
You need to look at the latency between the initial connection after the pause and the beginning of when data is returned to the client. I will virtually guarantee the application is timing the user out before restarting the session.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...