Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Avaya 96XX phones VPN on Cisco ASA 5515 running 9.1(3)

Status
Not open for further replies.
crhoads71

crhoads71

IS-IT--Management
Jan 18, 2012
15
US
Experiencing an odd problem in that my remote phones will all start a constant cycle of restarts after about a week of being connected. To get them back online I have to delete each phones H323 extension and re-add it.

I have removed all timers and fixups on the ASA and this still continues to happen. I did have h323 timeout errors in the logs prior to removing the timers, but I don't have those errors anymore when this happens. I can't seem to find any errors in the IP Office monitor when this happens, but the fact that deleting the H323 extension seems to mitigate the issue for another week points to something, right?
 
Sort by date Sort by votes
Do you use the same xauth credentials for all of the VPN phones?

I have had an issue recently where the ASA would only let you fixup 5 tunnels, the 6th would boot someone off, forcing it to reboot, then when that came back it would boot someone else off.

 
Upvote 0 Downvote
For the ASA vs 56XX i used these settings so almost the same for 9600;

IKE/IKE2 3DES/MD5/DH2
IKE Xchg Mode Agressive
Remote Net 0.0.0.0/0
Cisco Xauth with PSK
Cert Ex/DN disabled
Copy TOS no
File srvr IPO
Conn Check Always
Qtest Disabled
VPN start mode Script.

Here is a link it's not for the IPO but for the CM, the way to configure it on the 96XX is the same.


Avaya_Red.gif

___________________________________________
It works! Now if only I could remember what I did...

Dain Bramaged (Avaya Search tool )
______________________________________
 
Upvote 0 Downvote
It looks like RNIPO got it, how do I make each phone prompt for a VPN User? my 96xxvpn settings are overwriting my manual changes each time the phone reboots.
 
Upvote 0 Downvote
There is a setting in the ASA to increase the max XAUTH limit, then you can leave the phones as they are. Or you can just remove the setting from the settings file so it doesn't over write.

To increase the simultaneous logins add the following to the VPN policy on The ASA:

ciscoasa(config)#group-policy <policy name> attributes
ciscoasa(config-group-policy)#vpn-simultaneous-logins 20
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ipcom123
  • Locked
  • Question
Missed calls logs in Avaya Phones
Replies
7
Views
685
gkittelson
gkittelson
Rhinorhino
  • Question
Time & Date 9.1 27
2
Replies
20
Views
1K
comfortinntechci.com
comfortinntechci.com
Furrye
  • Locked
  • Question
Call for other CM by Avaya IP Phone 4610sw, ASA Configuration
Replies
2
Views
239
Furrye
Furrye
K
  • Locked
  • Question
96xx IP Phone not update.
Replies
7
Views
504
derfloh
derfloh
Shaabneh
  • Locked
  • Question
Connect Avaya K175 on Cisco call manager
Replies
0
Views
96
Shaabneh
Shaabneh

Part and Inventory Search

Sponsor

Back
Top