Cisco ASA 5510 to Cisco PIX 506E VPN Tunnel, Dropping RDP

Hi All

I have a customer that has been using a Cisco PIX 506E to Cisco PIX
506E site-to-site VPN tunnel that I set up around 5 years ago. I have
recently purchased a new Cisco ASA 5510 to replace one of the 506s.
When the ASA 5510 is in place, RDP connections across the VPN tunnel
to a terminal server are randomly disconnected. I have swapped the
506E back into production and the connections NEVER drop.

In an effort to troubleshoot, I downgraded the ASA 5510 to v7.23 from
8.0. Problem instantly reoccurred. I have called TAC to confirm the
configuration is correct, which it is.

The other 506E is running v6.3.5.

I have plenty of other mixed VPN tunnels (v7 and v6.3.x) which have
had no problems.

Could this be a bad device? or am I missing something? After I
receive responses here, I may RMA the 5510.

Thanks!

 

I had a similar problem where tunnels would frequently drop not to
pixes but various end points I was using acls to filter traffic and
applying them to the group-policy and then applying that to the tunnel-
group. I fixed it but using the vpn-idle-timeout command in the group-
policy. Not sure what the default of this is.

 

I resolved this issue three weeks ago.

On the ASA, I entered the command "timeout conn 0:0:0". Everything
has been fine since.

Andy