Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

remote VPN client disconnects every hour

hello,

I have a Cisco router that works as a VPN server. a remote user uses Cisco VPN client 5.0.05.0290 to connect to the office resources.

Every one hour (or a few minutes less than one hour) after a connections is established, a message pops up on a user's laptop asking to re-authenticate. If you caught the mesage right away and entered same username and password that was used to establish the connection - the connections stays, but if you missed it by a minute or so - there is no indication that username/password is wrong, and it seems that the connection is still working fine, but in a few seconds a disconnect error message pops up:

"Secure VPN Connection terminated locally by the Client"

I am also attaching some debug info from the Client side...(asked for password at 14:44 and typed password 14:54 in the log)

my questions are:

1) How to make VPN client continue the connection without prompting a user to re-authenticate.

2) What's causing the router or the client to ask a user to type username/password again?

here is the config(keep in mind that I use the same crypto map for site2site vpn tunnel as well):

aaa authentication login userauthen local

aaa authorization network groupauthor local

crypto isakmp policy 1

encr 3des

hash md5

authentication pre-share

group 2

lifetime 3600

crypto isakmp key ******* address x.x.x.x no-xauth

crypto isakmp client configuration address-pool local vpn-users

crypto isakmp client configuration group group-name

key *****************

wins x.x.x.x

pool vpn-users

acl split-tunnel

crypto ipsec transform-set 3des-md5 esp-3des esp-md5-hmac

crypto dynamic-map any-dyn 10

set transform-set 3des-md5

crypto map dc client authentication list userauthen

crypto map dc isakmp authorization list groupauthor

crypto map dc client configuration address respond

crypto map dc 2 ipsec-isakmp

set peer x.x.x.x

set transform-set 3des-md5

match address dc-vpn

crypto map dc 10 ipsec-isakmp dynamic any-dyn

ip local pool vpn-users 192.168.254.1 192.168.254.100

Thank you for helping me figure this one out.

1 REPLY
New Member

Re: remote VPN client disconnects every hour

here is the attached log file...

635
Views
0
Helpful
1
Replies