Hi. We have 4 AP 105s. Whenever someone tries to make a VPN connection to a customer the session continually disconnects and then connects again so in other words suffers from timeouts.
When the client uses an Ethernet cable no problem.
THe SSID they are using is set to 5Ghz and allows all protocols.
Any help would be much appreciated. Thanks.
Is there anyone else that uses VPN on that AP?
Hi. Yes same problem. It is on all Access Points
Is VPN the only application with problems? When did this first start happening?
Yes its the only application that has issues although the access point in use has serious interference on 2.4Ghz which is why I created the 5Ghz SSID which this user is now using.
Im having the same problem. In this case, i have a part of a building where we have contractors and they use my guest open ssid. When they launch their VPN client to home back to base the VPN session drops constantly. This has been happening for a while. I havent done major upgrades on the network in over a year. The access point is a 105 as well and there are a few ap93's around but the clients prefer the 105; they do connect at 5GHz because they're just close enough to the AP they can do that consistantly.
The employee network seems to be stable, we have this same SSID all over the place (500+ offices) over 4 class C networks and this location of 5 to 10 users is the only place having issues. WTHeck!
I suspect that we might have some kind of MTU setting that is wierd. I remember in the cisco VPN client days the MTU had to be reduced at times to work right. I dont know what kind of VPN they have but I think that's my next place to isolate and test from.
Did you ever find a solution for this? Am having similar problem.
Actually yes, I was able to figure this one out.
I was able to fix it. I contact their tech folks and I found out that the VPN client uses standard ports to initiate communications and also to authenticate (443, 4500, 500, etc.) But when it goes into the authenticated role that the protocols uses are ESP and GRE.
I know right? So, in short the initial communication is established over the common IPSEC ports but once authenticated and in order to take advantage of the big pipe facing the internet, they must be able to communicate back to their VPN appliance over the mentioned protocols.
I hope that makes sense, sometimes my mind races with thought and ideas but my fingers write gibberish...
Congratulations on the fix. Could you please go into a little detail for one who might want to duplicate how to correct the issues? So, what needs to change in order to use those protocols?
Hello. Just writing to follow up on whether you have discovered a solution to this issue. We have guest clients that share the same experience.
The client will fire up their VPN and exactly 59 seconds later the session will drop/disconnect. In troubleshooting with Aruba, their test was to setup a continuous ping while the VPN opened and subsequently dropped. They claim that the APs are not dropping the session since the extended ping remains alive during testing.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.