Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

vpn-3020 connection dropped after 1hr with citrix


i am facing a strange problem with vpn 3020.

site -to-site tunnel is configured between 3020 to 3015 and users from 3020 is trying access the remote end citrix server.

after a 1hr or 2hrs connection suddenly dropped and user from 3020 end could not able to connect to the remote end (3015) citrix server.

during this i can able to ping the citrix server from the vpn box and user machines.But after a reboot of 3020 everything works fine for 1 hr,again the problem comes.

i have tried to upgraded new image and new box ,but still the problem persist.

when i introduced ipsec router instead of vpn 3020 it works fine without any problem.

request your valuable comments on this...



Re: vpn-3020 connection dropped after 1hr with citrix

At 85% of the rekey interval, the software client prompts the user to reauthenticate. If the user does not respond within approximately 90 seconds, the VPN Concentrator drops the connection.

If you have enabled the Reauthentication on Rekey feature, the VPN Concentrator prompts users to enter an ID and password during Phase 1 IKE negotiations and also prompts for user authentication whenever a rekey occurs. Reauthentication provides additional security.

If the configured rekey interval is very short, users might find repeated authorization requests inconvenient. In this case, disable reauthentication. To check your VPN Concentrator's configured rekey interval, see the Lifetime Measurement, Data Lifetime, and Time Lifetime fields on the Configuration | System | Tunneling Protocols | IPSec | IKE Proposals | Add or Modify screen.

New Member

Re: vpn-3020 connection dropped after 1hr with citrix


Thanks for your response.

In my case the i need to reboot the my vpn 3020 to work it again.

and more over same config is replicated in the ipsec router which is not giving any problem.



CreatePlease to create content