Tunnel drops but never recovers

Unanswered Question
Jun 13th, 2007
User Badges:

Hi,


I have a problem related to a hub and spoke DMVPN over ADSL setup: the spokes are using ADSL lines and the hub is using a fiber link (higher bw to accomodate the 20+ tunnels to the spokes)


The problem we are seeing is that when the ADSL line drops (even by simply pulling the cable), the tunnel drops. After restoring ADSL - the Internet connectivity is restored on the spoke. However - the tunnel cannot pass any traffic from one end to the other. The problem persists for days if not engaged.

The only thing that appears to fix it is reloading the central router.

Reloading the ADSL one does not.


Both the hub and the spoke are currently using Cisco 1812 hardware.


I suppose this could be related to IPSEC / ISAKMP timers but I am not that good with it so any suggestion would be very much appreciated.


Thank You,

Dragos


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
a-vazquez Wed, 06/20/2007 - 08:22
User Badges:
  • Silver, 250 points or more

you may need to set isakmp keepalives on the Routers.


You can do that by adding the following command on both the Routers in the global configuration mode:


crypto isakmp keepalive 15 5


This command would allow the Routers to send dead peer detection (DPD) messages to each other.



zirbo Thu, 06/21/2007 - 01:35
User Badges:


Great - I will try that.

Thanks a Lot !



BR,

Dragos



Actions

This Discussion