I have a customer that has been using a Cisco PIX 506E to Cisco PIX
506E site-to-site VPN tunnel that I set up around 5 years ago. I have
recently purchased a new Cisco ASA 5510 to replace one of the 506s.
When the ASA 5510 is in place, RDP connections across the VPN tunnel
to a terminal server are randomly disconnected. I have swapped the
506E back into production and the connections NEVER drop.
In an effort to troubleshoot, I downgraded the ASA 5510 to v7.23 from
8.0. Problem instantly reoccurred. I have called TAC to confirm the
configuration is correct, which it is.
The other 506E is running v6.3.5.
I have plenty of other mixed VPN tunnels (v7 and v6.3.x) which have
had no problems.
Could this be a bad device? Or am I missing something? After I
receive responses here, I may RMA the 5510.
Thanks!

I had a similar problem where tunnels would frequently drop, not to
PIXes but to various endpoints. I was using ACLs to filter traffic,
applying them to the group-policy and then applying that to the
tunnel-group. I fixed it by using the vpn-idle-timeout command in the
group-policy. Not sure what the default of this is.

On the ASA, I entered the command "timeout conn 0:0:0". Everything
has been fine since.
Andy