[c-nsp] ASA VPN Tunnels
Blake Pfankuch
blake at pfankuch.me
Thu Dec 27 17:39:10 EST 2012
Got a little bit of a tricky one...
I have an existing ASA5510 acting as a remote access gateway, serving AnyConnect VPN clients and ASA VPN Clients. Almost everyone is having no problems.
I have 1 user who has a ASA5505 set up as a client. User has CenturyLink DSL at his house. I had him configure the DSL Modem to provide "DMZ" functions to his ASA5505. I have Turned up the lifetime on the tunnel, as well as the timeout functions. I have dropped MTU from 1492 to 1300 on the ASA inside and outside. When it works, it works beautifully, however about every 10 minutes the 5505 drops off the tunnel. Nothing in logs on either side, just a Tearing down IKE session message.
Anyone have any additional suggestions?
More information about the cisco-nsp
mailing list