Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
545
Views
0
Helpful
2
Replies

vpn-3020 connection dropped after 1hr with citrix

hbaski
Level 1
Level 1

‎01-14-2006 11:38 AM

Hi,

i am facing a strange problem with vpn 3020.

site -to-site tunnel is configured between 3020 to 3015 and users from 3020 is trying access the remote end citrix server.

after a 1hr or 2hrs connection suddenly dropped and user from 3020 end could not able to connect to the remote end (3015) citrix server.

during this i can able to ping the citrix server from the vpn box and user machines.But after a reboot of 3020 everything works fine for 1 hr,again the problem comes.

i have tried to upgraded new image and new box ,but still the problem persist.

when i introduced ipsec router instead of vpn 3020 it works fine without any problem.

request your valuable comments on this...

S.H

Labels:
0 Helpful
2 Replies 2

wong34539
Level 6
Level 6

‎01-19-2006 12:38 PM

At 85% of the rekey interval, the software client prompts the user to reauthenticate. If the user does not respond within approximately 90 seconds, the VPN Concentrator drops the connection.

If you have enabled the Reauthentication on Rekey feature, the VPN Concentrator prompts users to enter an ID and password during Phase 1 IKE negotiations and also prompts for user authentication whenever a rekey occurs. Reauthentication provides additional security.

If the configured rekey interval is very short, users might find repeated authorization requests inconvenient. In this case, disable reauthentication. To check your VPN Concentrator's configured rekey interval, see the Lifetime Measurement, Data Lifetime, and Time Lifetime fields on the Configuration | System | Tunneling Protocols | IPSec | IKE Proposals | Add or Modify screen.

0 Helpful

hbaski
Level 1
Level 1
In response to wong34539

‎01-19-2006 09:25 PM

Hi,

Thanks for your response.

In my case the i need to reboot the my vpn 3020 to work it again.

and more over same config is replicated in the ipsec router which is not giving any problem.

Regards,

S.H

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents