Cisco ASA Client VPN Disconnect Reasons
Looking for more information about those %ASA-4–113019 session disconnects in your logs, especially the illusive “administrator reset”?
So was I. So I did a few experiments to see which “reason” my Cisco ASA gave me under different circumstances.
In my ASA logs, I typically saw four “reasons” for disconnects, for which there was zero explanation in Cisco’s documentation:
- Administrator Reset
- User Requested
- Lost Service
- Peer Reconnected
Here’s what I found typically for each “reason” for the disconnect. Leave me a note if you’ve found more & I’ll add them to this post.
Reason: Administrator Reset
I saw this illusive, not quite apt named “reason” in these instances:
- When my primary Internet connection failed. In my log reading, I saw this error prior to the client VPN disconnect:
%ASA-6–622001: Removing tracked route 0.0.0.0 0.0.0.0 <snip>
and then this message for a few VPN users, which is a clue also:
%ASA-4–113019: Group = group_name, Username = name, IP = x.x.x.x, Session disconnected. Session Type: IPsecOverNatT, Duration: h:m:s, Bytes xmt: x, Bytes rcv: x, Reason: Administrator Reset
Note: you’ll only see the ASA-622001 message if you’re using tracked routes to fail over to a backup Internet connection. - When I forcibly disconnected the user account with:
# vpn-sessiondb logoff name name
But I don’t do that often, or I’d end up with really annoyed users!
Reason: User Requested
Not surprisingly, I saw this “reason” for the disconnect when I disconnected my VPN client.
I’ve also seen this disconnect reason when the user’s internet provider does not allow the IPSec protocol and ports needed.
Reason: Peer Reconnected
I saw this “reason” when I turned off wireless on my laptop before disconnecting VPN.
Reason: Lost Service
I saw this “reason” when I disconnected the cable between my wireless router and the Internet — simulating a drop from my Internet provider.
Are there more reasons you’ve seen? Write a response please. This post gets a lot of google search traffic, and we all know troubleshooting Cisco things are not simple!
This post was written by the Head of IT at Medium, the reading and writing platform where you’re reading this post.
If you found this info useful, please click that “Recommend” button below so others on Medium can find this post.