Pages

Monday, April 29, 2013

VPN troubleshooting: Isolating VPN session timeout issues

Depending on the vendor your company uses, the location from which you’re trying to establish a VPN connection, and other factors, a user could come up with a hundred different possible issues with authenticating to a VPN. Here are some areas to look at first regarding the stability of a VPN connection.

One of the first things to do when troubleshooting a VPN session timeout or lockout issues is to determine the user’s location. It’s important because if a user can always connect while he or she is at home, but can never connect on an open Wi-Fi connection at the local coffee house, that should enable isolation of the issue quickly. This is one of the simplest forms of VPN troubleshooting, but can save a lot of time during the process.

Another way to start determining the root cause of the VPN issue is to ask the user to connect to the VPN both on the WLAN and the wired LAN. The majority of VPN connections these days are connected wirelessly. In the past, I’ve noticed certain vendor agents are less tolerant of network loss due to the poor strength of a Wi-Fi connection, which could result in VPN stability issues. If a user is able to connect via the wired LAN without any issues, but has an issue periodically with the WLAN, start troubleshooting the agent logs and the origin of the logon attempts with an eye toward wireless-related issues.

There’s also the issue of timeout periods for users. I’ve seen many default values around timeouts, such as idle connections after 10 minutes, and a max session at 60 minutes with a reminder of five minutes before timeout. This might not suit all users, so these values could be reworked to fit the needs of the company and user population. This could be an issue where the defaults are too low for what the user needs the session for; this is especially true in SSL VPNs.

When using IPSec, verify the connection settings of your phase 1 and phase 2 rekey policies. The phase 1 policy will be able to go down without an issue and rekey, but if your phase 1 and phase 2 timers go down at the same time, there’s the potential for a timeout or longer connection time.

Read the rest of my article for searchsecurity.techtarget.com here.

13 comments:

  1. I would state, you do the genuinely amazing.This substance is made to a wonderful degree well. https://privatnostonline.com

    ReplyDelete
  2. Should you feel find it difficult to, you undoubtedly is not able to; If you don't intend, to have failing. Things are subject to intellect, reduction of hundreds exercises are hopeless prior to starting. www.lemigliorivpn.com

    ReplyDelete
  3. I personally like your post; you have shared good insights and experiences. Keep it up. privacidadenlared

    ReplyDelete
  4. I definitely enjoying every little bit of it. It is a great website and nice share. I want to thank you. Good job! You guys do a great blog, and have some great contents. Keep up the good work. I really appreciate this wonderful post that you have provided for us. I assure this would be beneficial for most of the people. internetprivatsphare.ch

    ReplyDelete
  5. I am glad to locate your recognized method for composing the post. Presently you make it simple for me to comprehend and actualize the idea. Much obliged to you for the post.  lesmeilleurs vpn

    ReplyDelete
  6. This is extremely fascinating substance! I have completely delighted in perusing your focuses and have reached the conclusion that you are right about a hefty portion of them. You are extraordinary.  vpn austria

    ReplyDelete
  7. The data you have posted is extremely valuable. The locales you have alluded was great. A debt of gratitude is in order for sharing... vpnveteran

    ReplyDelete
  8. Thanks for posting this info. I just want to let you know that I just check out your site and I find it very interesting and informative. I can't wait to read lots of your posts. Klik hier

    ReplyDelete
  9. This was a shocking post. It has some look at here fundamental data on this subject. bezoek website

    ReplyDelete
  10. Amazing post! I appreciate your hard work. Thank you for sharing. I have also share some use full information.
    Drone pro review
    PhotoStick Mobile Review
    mosquitron reviews
    eco beat earphones review

    ReplyDelete
  11. This comment has been removed by the author.

    ReplyDelete
  12. I was able to avail NordVPN thanks to this guide of the trustworthy VPNs to use in Austria (where I am also based). So far, I haven't had any issues but since I will certainly bookmark this informative article for future reference.

    ReplyDelete
  13. Thank you for sharing this nice post. I really loved reading this. synogut reviews

    ReplyDelete