Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 651
  • Last Modified:

Cisco network ASA 5520 & 877 VPN's dropping

Hi,

I have a Cisco ASA 5020 in the head office (5mb leased line) with 7 branch offices using Cisco 877's + 8mb ADSL
Every site experiences several VPN drops throughout the day mostly only for a few seconds - is there any way to combat this.

Traffic is light - Email, web browsing (Through a proxy), RDP session.

Some sites are worse than others but overall none of them are reliable - We have one site using a 2mb fibre to the building leased line and drops occur maybe once every two days which is ok - Is it down to the ADSL quality in these sites or would ios / firmware upgrades help.

Thanks,
0
joe90kane
Asked:
joe90kane
1 Solution
 
asavenerCommented:
VPN reliability is almost entirely dependent on the reliability of the Internet connectivity.

I would set up an IMCP monitor for the public IPs of the remote sites as well as internal addresses at the remote sites, and see if there's a correlation between packet loss.

0
 
Galtar99Commented:
Have your service provider perform over night testing on the circuit and check the interface counters of the circuits in question for errors.
0
 
decoleurCommented:
most VPN connections have an inactivity timeout that will cause a connection to drop if there is no interesting traffic traversing an encrypted tunnel.

you should be able to get an indication in the logs of the VPN endpoints what caused the tunnel to disconnect.

if this is a possible issue you can set up a monitoring solution like asavener mentioned that sends a ping every x minutes to keep the tunnel active.

if you need any help setting this up let us know.

-t
0
Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

 
asavenerCommented:
Have you tried any of the testing we suggested?
0
 
joe90kaneAuthor Commented:
Thanks for the comments - I setup ping plotter and can see extensive packet lose from both the External & Internal IP at the same time so it must be the provider.

Getting a Lan extension installed next week so should resolve / improve the situation.

0
 
asavenerCommented:
I feel that we helped the poster find an underlying network reliability problem, which affected his VPN.
0
 
ModalotEE ModeratorCommented:
Following an Objection by asavener, and after Moderator review, there seems to be a better  disposition, as recommended by the contributing Expert(s).

Modalot
Community Support Moderator
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now