SSL VPN Disconnect Issue
We currently have an issue with our SSL VPN connection disconnecting on random intervals. I do have a open support case and unfortunately not making any drastic headway, so reaching out here to see if anyone has had this issue or possibly something else I can try. We previously were using Juno Pulse and did not have this issue with any clients.
I am able to re-produce the disconnect by doing a simple file copy from one of our systems to my PC. Below is all the information that shows in the APM log, unfortunately there does not appear to be any further debug with PPP tunnels.
2014-08-15 06:59:05 Assigned PPP IPv4: 192.168.0.57 Tunnel Type: VPN_TUNNELTYPE_TLS NA Resource: /Common/VPN 2014-08-15 06:59:05 PPP tunnel 0x57025106e400 started. 2014-08-15 07:10:07 PPP tunnel 0x57025106e400 closed.
Next we went to wireshark where we are seeing a lot of TCP zero window packets, so I set the zero-window-timeout to infinite to rule out zero window disconnects. The issue still occurs after making this change.
Currently I am working on a client side capture to compare with the tcpdump on the appliance, but I am not seeing anything in the capture that stands out as a red flag (I am no wireshare expert by any means so digging though these captures is pretty slow).
Any thoughts or information is greatly appreciated, also please let me know of other info that would be of use.
Check the DNS settings of the F5 and make sure it can resolve the sslvpn fqdn.
Background: We had similar issues, the PPP tunnel kept randomly closing and opening a new one, which caused the clients to reconnect, which in turn caused traffic not flowing while the PPP tunnel did a new handshake.
There were no evidence in the LTM log why this happens, but the Edge client log revealed that DNS lookup for the APM endpoint (LTM VIP) didn't resolve. The client machine actually could resolve it, but the F5 itself couldn't. After changing the DNS servers in F5 to ones that resolved correctly the problem seems to have been solved.