Cisco Cisco ASA 5555-X Adaptive Security Appliance
© 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.
Page 11 of 16
Session Persistence (Auto-Reconnect
)
21
Session persistence in the AnyConnect client allows the VPN session to recover from service disruptions and
reestablish the connection. For example, as the user roams from one Wi-Fi network to another or to a 3G cellular
network, the AnyConnect client automatically resumes the VPN session.
Figure 4. Session Persistence (Auto-Reconnect)
In addition, AnyConnect should be configured to reestablish the VPN session after the device resumes from
standby or from sleep or hibernation mode.
Auto-Reconnect is enabled in the VPN client profile. The parameter Auto Reconnect Behavior should be set to
Reconnect After Resume (Figure 4).
Note: On iOS devices, the VPN profile includes a Network Roaming parameter that should also be enabled to
support roaming across Wi-Fi and/or 3G cellular networks.
Idle Timeout
22
The idle timeout (vpn-idle-timeout) is the time after which, if there is no communication activity, the Cisco ASA
terminates the VPN connection. A very short idle timeout will frequently disrupt the VPN connection, requiring the
user to reestablish the VPN for every call. On the other hand, a large idle timeout value results in too many
concurrent sessions on the ASA. The idle timeout value can be configured per group policy. For group policies
specific to Jabber clients, an idle timeout value of 30 minutes is recommended.
21
Auto-reconnect:
22
Idle timeout: