We have a IP based time clock at a client whom we provide staffing services for plugged in to an ASA 5505. After a seemingly random amount of time, the VPN connection drops, but not fully. As soon as a computer is plugged in behind the ASA and powered on, the connection is fully restored. While the connection is 'down' it still registers on the Concentrator, and after a session reset from the Concentrator the data received remains at 0. On the ASA, the VPN light stays lit, but I can no longer ping the ASA or the time clock behind it. I had a 10 second ping monitor on it and it dropped within an hour. This causes an issue where the time clock is unusable. Right now I have a laptop connected behind the ASA at the client's location and am RDP'd into it with a steady ping to one of domain controllers. I can post the config, but since it is working, for up to a month and a half at a time, I don't know if it would help. It is set up as EasyVPN to a Cisco VPN 3000 Concentrator. The client is using Comcast cable Business Class, but I do not know if he has a static IP.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...