Cisco VPN :: Log Off Idle Users / ASA 5520

May 6, 2010

I'm using a Cisco ASA 5520 with IOS 8.2.2.  We have many remote users using the Cisco VPN client, but I have been asked can we logout idle users as we do hit our license limit and some users stay conenct for days.

View 3 Replies


Cisco VPN :: ASA 5520 - Persistent IP Address For Some Vpn Users

Sep 13, 2012

We are using Any connect vpn client (v2.5.3055) to an ASA 5520 (v8.4) in a development environment. We use our corporate Radius server to authenticate users. We have certain users which need have the same IP address every time they lo gin. As it is configured now, the IP addresses are assigned sequentially from the pool. Is there a way to allow certain users to get the same IP address each time they log on?

View 3 Replies View Related

Cisco Firewall :: ASA 5520 - Users Can't Access Through By Name

Mar 13, 2011

I just configure an ASA 5520, here is the config (the ip address of outside network if going to change from private direccion by reason security).
The problem that I have is the users can access to the web site through the public´s ip address but they do not can access through by name. We review all the config on the server DNS and with the command NSLOOKUP we can see that work fine. The client think that the asa is blocked the connnection.

View 1 Replies View Related

Cisco VPN :: 5520 - Restrict Certain AD Users From Access?

Dec 13, 2012

Is it possible to deny VPN access to specific AD accounts?
Currently setup with 5520, LDAP authentication for VPN users.

View 3 Replies View Related

Cisco Firewall :: ASA 5520 - CSC Blocking Using IP / Users

Jan 17, 2012

I am new at ASA 5520 and CSC module (version 6.3). I would like to know what configurations are possible for my network users if i use the CSC trend micro blocking using IP address or AD users, I know that i could select users/groups from the windows  AD or select the IP addresses that i want to use for blocking or permit HTTP traffic (URL, etc).

My question is on the client side, how the CSC knows what AD users is the one that is requesting certain HTTP pages, or if i user a proxy server, i lose the IP/users options on the CSC??..or i could use authentication options on the proxy for example?.

I have been looking information about this but the manuals only explain the configuration options that i could configure on the CSC Trend Micro page, but it doesn't say which network environment i could use or need.

View 2 Replies View Related

Cisco AAA/Identity/Nac :: 5520 VPN Users Are Authenticated Against MS-AD Through LDAP

Sep 1, 2011

I have 2 ASA 5520 (v. 8.21) in a active/standby fail over configuration.
VPN users are autenticated against the MS-AD through LDAP. For the most part this works well. Occasionally I'm having problems with new users in the AD. If I run a test I keep getting "User was not found". This can happen days after the account was created still. In some cases it never seems to work. The accounts I create exists on the same OU level as all the other accounts that are working.

View 2 Replies View Related

Cisco Firewall :: 5520 - URL Blocking To Be Applied To Specific Users

Feb 10, 2010

I am having ASA firewall 5520. I want to block yahoo mail, gmail using regex for particular users only.

View 5 Replies View Related

Cisco VPN :: 5520 - Incorrect TCP Session Logs For Remote VPN Users On ASA

Oct 29, 2012

I have a problem on a Cisco ASA5520 version 8.2(5). A customer has set up a syslog to keep tracks of tcp sessions made by vpn users. On the syslog we filter %ASA-6-302013 and %ASA-6-302014 log messages, respectively: Built inbound TCP connection and Teardown TCP connection. When the connection is made by a vpn user, at the end of the log line you see the vpn username which should be the same in both the messages for the same connection. I have verified that when a user, let's say UserA, disconnects from the vpn, their tcp sessions are not properly closed; if another user, let's say UserB, establish a VPN immeditaely after and gets the same IP address previously assigned to UserA, the log sessions are recored with UserA in the %ASA-6-302013 message and UserB in the %ASA-6-302014 message. I presume this is due to the fact the tcp sessions are not tore down when the first user disconnects and it looks like a bug to me but I didn't find it referenced anywhere. Is there a way to have all tcp session tore down when a user disconnects the VPN connection?

View 2 Replies View Related

Cisco Firewall :: Traffic Shaping Per Users / Ip / Application Using ASA 5520

Apr 5, 2011

I hava Cisco ASA 5520 with AIP-SSM module. I would like to have the below features with ASA installed in Transparent mode.
1. Traffic shapping per user
2.  Traffic shapping per IP subnet
3.  Traffic shapping per Application
Is it possible with ASA installed in Transparent mode?

View 9 Replies View Related

Cisco VPN :: 5520 - Setup Environment That Allows Users To Use Dameware To Connect

Feb 23, 2012

I have been tasked with attempting to setup an enviroment that allows users to VPN from home and use Dameware to connect, from home, to another machine in another users home that is VPN'd into the same network. Is this possible?
We are using 2 5520 ASA's and CiscoAnyConnect.

View 1 Replies View Related

Cisco Firewall :: ASA 5510 / 5520 - Number Of Users That Can Be Created

Jul 5, 2012

How many user accounts i can create to a Cisco ASA box? Say for example a Cisco ASA 5510 or Cisco ASA 5520?

View 5 Replies View Related

Cisco Firewall :: ASA 5520 VPN Users With WCCP Redirection To IronPort

Apr 11, 2012

I have a 5520 ASA using wccp redirection to our IronPorts on the inside and everything works great for inside users. What I'm trying to do is get VPN users off split tunneling and to filter their traffic through the IronPorts as well but I can't figure out how. When they connect they seem to bypass the Ironport completely.

View 5 Replies View Related

Cisco Firewall :: ASA 5520 To Block Https Traffic But Users Are Able To Open Website

Jul 1, 2011

We have ASA 5520 with CSC-SSM 20 and we want to block https traffic but when we are blocking https traffic http traffic going to block but user are able to open website. 

View 1 Replies View Related

Cisco VPN :: ASA 5520 / Routing Site-to-Site VPN To Remote Users?

Oct 29, 2011

We have a site-site and remote vpn configured in same interface in ASA 5520 ( software version 8.3  ). When Remote vpn users try to connect to computers located on the distant end of site-site VPN, their request failed. I tried No-Nat between  remote vpn private IP to the remote site private IP, also stated the same in Split tunneling. I cant find even the tracert, ping also timed out.

View 7 Replies View Related

Cisco :: LMS 4.1 Freezes After About 10 Min Of Being Idle

Jun 11, 2012

We have LMS 4.1 installed. After about 10 min of being idle, the browser becomes frozen, eventually crashing it. We applied this fix for lagging hoping it would fix the issue, however it has not. We have been tracking a problem  internally where the Getting Started page hangs on login.  The problem  is with changes to access.  We are actively working to get  those fixed, but if this is what you're seeing the workaround is as  follows:
a.  Open the properties file name “” under the path   NMSROOT/MDC/tomcat/webapps/cwlms/WEB-INF/classes/com/cisco/nm/gs/ui
b. Update the field IS_DEFAULT_PAGE as “false”
c. Clear the browser cache and login-in(Daemon restart not required)

View 0 Replies View Related

Sent And Received Bytes Increasing When Idle?

Jan 20, 2011

When i check the status of my Internet Connection I notice that the sent and received bytes keeps increasing. I'm sure there are no downloads taking place that I'm aware of. No torrent clients, no antivirus nothing. I checked my PC for malware but that didn't work. As a result of this, i keep getting high pings in online games and can't even watch videos in youtube anymore. like, some software to monitor all the programs that use the itnernet connection without my knowledge or something??My primary concern is gaming (Call of Duty 4) so I wouldn't mind this idle downloading (whatever it is) as long as the major chunk of my internet connection is directed towards Cod4!

View 5 Replies View Related

Network Adapter Keeps Turning Off When Pc Is Idle?

Mar 15, 2011

I need to find a way to PERMANENTLY disable the network adapter from turning off to save power. Its this setting here. Uploaded with Every time I restart the computer it rechecks that box. I manage an office with about 10 computers and this power saving feature is making the software they use very unstable.

View 2 Replies View Related

Sent And Received Bytes Keeps On Increasing Even When Idle?

Jan 20, 2011

This has been happening of late. When i check the status of my connection, i notice that the "sent" and "received" bytes keeps on increasing when i'm idle. I'm pretty much sure there's no downloading of any sort in progress that I'm aware of. As a result of this, I can't watch videos in Youtube or play online games due to high ping. 

View 6 Replies View Related

LAN Connection Gets Disabled By Itself On Idle Status

Feb 22, 2012

LAN connection gets disabled by itself on idle. Sometimes BSODs.A few days ago I tried connecting a MBlaze modem to my laptop (Windows 7 Ultimate 32 bit) to access internet. But it resulted in instant BSOD everytime.I deleted the modem software after that & didn't try to connect it again.But now, whenever I connect using my LAN broadband, connection works fine as long as I am continuously browsing something. But as soon as I stop browsing and it goes in idle mode in about 10-15 minutes, the connection gets disconnected. In the adapter properties, it shows that the driver is working properly. If I try to disable or uninstall it it doesn't give a response. The only solution to this is a forced shutdown & restart, after which it works fine untill not idle. I am not able to download anything because of this.I tried many things like reinstalling the network adapter driver, unchecking the power management feature, resetting the connection, etc. but nothing is working.

View 5 Replies View Related

Cisco VPN :: ASA 5500 / VPN Connection Looses Connectivity Even When Not Idle?

Mar 3, 2011

I recently started having trouble with my VPN clients loosing connection.I can create the conenction, work with it for a while, and then loose connectivity.Timing seems to be dependent on the activity over the connection.More activity, the conenction stops working sooner.

The cleint doesn't disconnect, I just can't access anything from the client.Disconnecting and reconnecting the client fixes the problem, temporarily depending on how much data I'm transferring.This works 90% of the time.The other 10% if I wait 30-45 minutes, and try again.. It works...with the same results...
It was originally isolated to a Win 2003 server that I was using as the client.It is now happening on my Win XP client as well.I'm using the AnyConnect client ver. 2.5.2014 with the VPN service on the UC520.Which I beleive, is similar to the ASA 5500 series VPN device.I am running ver 8.1.0 on the UC 520, and I can't remember if this started after upgrading to the new software.

View 2 Replies View Related

Cisco Firewall :: Verify Idle-timeout On ASA 5510?

Apr 13, 2011

How to verify on the asa 5510 , the vpn-idle timeout,is running on default setting(30mts)

View 3 Replies View Related

Cisco VPN :: Sa540 - Disconnect VPN Connection After Idle Time

Jul 10, 2012

We are using the cisco sa540 router and shrew VPN to connect to our buiness network, mostly to connect to the workstations with RDP. Now we wonder if it posible that the connection will disconnect automaticly after an idle time of for example 30 minutes. And if so, how can i configure it?

View 4 Replies View Related

Whole Network Disconnects When Computer Goes Idle And Restarts?

Feb 22, 2013

I have a problem where the complete home network disconnects whenever my computer reboots from idle state (either after leaving it for a while so it goes on sleep, or by putting it on sleep mode). It then takes a few (long) minutes for the network, and the internet access to it to reconnect. In the meantime ALL devices in the house (other laptops, ipads etc) lose connection too. It's only my computer which does this, so i'm assuming that there's something wrong with the settings on computer.

View 11 Replies View Related

Cisco Wireless :: 5508 WLC - Associate Client From AP If Idle For Certain Time

Sep 16, 2012

Is it possible to rename the default webauthentication URL from [URL] to something like [URL]. We are running on, is it possible to do http for web authentication and https for Mgmt access if we upgrade the controller software?
We configured our guest wireless with no layer 2 authetication so users can associate with an AP and get an ip adress but they can't go anywhere unless they have a valid username and password(web authentication) - does this affect the performance of an AP since there will be many people associated with each AP, is there any setting in the WLC to de associate a client from an AP  if its idle for certain time.

View 9 Replies View Related

Cisco Firewall :: Asa5510 Idle TCP Connection Timeout With Flags

May 14, 2012

I have ASA 5510 with 8.2.4 and 8.0.x OS and all seem to have common problem of idle TCP connections not timing out. The host to host connections are coming over VPN tunnels. I have default timeouts on all the firewalls. I have tried changing global timeouts and as well as host specific timeouts using MPF but doesn't work at all ! The problem is when TCP connections are sitting idle in conn table for days and when connection limit of 50,000 conns reach the firewall starts behaving unpredictably dropping packets or unresponsive! I need the unused idle connections to timeout which is NOT happening either by changing global values or MPF.

View 1 Replies View Related

Cisco VPN :: Tunnel Gets Idle For Arbitrary Amount Of Time Rv110w

Oct 15, 2012

I have set up 2 RV110w firewall/vpn/routers at remote locations and an ipsec tunnel between them.  Once the tunnel gets established everything works fine until it has been idle for some arbitrary amount of time. (Maybe a half hour or less.) at which point we lose server access and can no longer ping across the tunnel. To fix this I have had to dissconnect and reopen the tunnel again,  I even went so far as to install an autopinger on the remote end to keep traffic on the tunnel which seems to work but is not going to be a viable long term solution.  

View 2 Replies View Related

Cisco Routers :: Rv082 Can Set Client Idle Timeout Someway

Nov 16, 2011

If i set up a pptp vpn between a Cisco rv082 router and a microsoft client,Can i set the client idle timeout someway? or Have a default value pre- configured for this?Because this device support 5 users to connect at the same time. It would be best for me, if the device drop the client if it does not use the tunel.

View 3 Replies View Related

Cisco :: WLC 5508 - Passive Client Vs User Idle Timeout?

Apr 18, 2012

I'm on WLC 5508 . It doesn't matter if passive client feature is turned on or turned off , when you try to increase "User Idle Timeout" you can see this message:
In our network, a lot of clients gets deauthenticated. I thought it would be useful to enable "Passive-client" feature, or increase "user idle timeout" , but how these works with each other?  

View 15 Replies View Related

Cisco Wireless :: WLC 5508 Controller Idle Timeout Limit

Dec 20, 2011

The behavior of some mobile devices ( as Iphone , Itouch, not Blackberry, not labtops ) with WL Controller (5508) is that, when the client doesn't use it, it disconnects after 480 sec.
The idle timeout configured is 900 sec.
Why the behavior is different in this type of devices? Increase the idle timeout is a solution?

View 2 Replies View Related

Broadband :: Vodafone Idle Mode Slow Down Speed?

Nov 30, 2011

How can i prevent my Vodafone usb stick device to enter in 3G mode when the network is very low usage or not at all. If i open google for example, it turns automatically on HSUPA mode with a better speed, but if im doing nothing after 1min or so it goes back on 3G more slower speed. So the 3G / HSUPA mode is auto switched depending on demand based on how much speed is needed at that moment. I am playing an online game and the network usage by the game when im inside playing it, is not in that range to trigger the HSUPA mode, and just stay in 3G causing me to have lots of lag, is there a workaround for this so when im playing the game to be connected with HSUPA instead of 3G? ( i was thinking about some kinda of slow trafic generator that generates a litle trafic continuously to trigger that HSUPA mode while im playing, but not sure if is possible and also not too much to affect my conection speed which is slow anyway on a mobile) You can see in the picture, the ping on google while its both modes, as u can see 3-5times ping increase while its on 3G. [URL]

View 1 Replies View Related

Netgear Dgn2200 Unable To Change Idle Timeout?

Oct 30, 2012

Modem is a Netgear dgn2200

On the modem page with all the settings Under basic settings For connection it says Always Connected The box underneath says idle timeout 5 (that's in minutes)

I am unable to change that number or even get a cursor to appear in that box (I want to change it to a 0 - my internet connection has been dropping out when going idle). I can't right click or anything. That is using Firefox. When I say dropping out, I mean, the 3 computers on the network become unuseable - nothing works and things don't appear to be connected to the internet even though my green ADSL light stays on like it's connected - it is not.

I tried the same modem page in IE, and that box with the 5 in it is still showing 5, but this time it's just grayed out - again, can't be changed. The firmware updates are all upto date (apparently - according to it's check)

View 1 Replies View Related

Lose Ability To Access Website After Idle Period (XP Pro)?

Jul 1, 2012

My XP Pro SP3 PC is connected to a Netgear DG834N modem/router via Ethernet. If the PC is left for say 4-5 hours the ability to connect to websites disappears. The browser just hangs and it's the same with IE and Firefox The odd thing is I can still ping websites by domain name without trouble. So the interenet connection is actually still in place.The problem is consistent and repeatable.Throughout this I have a second XP Pro SP3 PC also connected to the router via Ethernet and it works perfectly.

View 2 Replies View Related

Cisco Switching/Routing :: Catalyst 3850 - Normal To See 30% Cpu Usage When Idle?

Apr 18, 2013

We have a new stack of two Catalyst 3850-48T's running IOS XE 3.02.00 (we are upgrading to 3.02.01 this weekend.)We noticed the CPU usage is around 30% even when there is almost no traffic going through the switch.  We haven't seen any indication that it is causing a problem, but is this considered a normal baseline?I attached my config (with passwords sanitized,) show ver, show controllers utilization, and show process cpu history.
I noticed this behavior is normal on 2900XL/3500XL switches, but I didn't find anything relating it to 3850 switches.  Does the same thing apply to the 3850 switches? [code] url...

View 3 Replies View Related

Copyrights 2005-15, All rights reserved