Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
437
Views
0
Helpful
2
Replies

Tunnel drops but never recovers

zirbo
Level 1
Level 1

‎06-13-2007 04:56 AM - edited ‎03-09-2019 06:11 PM

Hi,

I have a problem related to a hub and spoke DMVPN over ADSL setup: the spokes are using ADSL lines and the hub is using a fiber link (higher bw to accomodate the 20+ tunnels to the spokes)

The problem we are seeing is that when the ADSL line drops (even by simply pulling the cable), the tunnel drops. After restoring ADSL - the Internet connectivity is restored on the spoke. However - the tunnel cannot pass any traffic from one end to the other. The problem persists for days if not engaged.

The only thing that appears to fix it is reloading the central router.

Reloading the ADSL one does not.

Both the hub and the spoke are currently using Cisco 1812 hardware.

I suppose this could be related to IPSEC / ISAKMP timers but I am not that good with it so any suggestion would be very much appreciated.

Thank You,

Dragos

Labels:
0 Helpful
2 Replies 2

a-vazquez
Level 6
Level 6

‎06-20-2007 08:22 AM

you may need to set isakmp keepalives on the Routers.

You can do that by adding the following command on both the Routers in the global configuration mode:

crypto isakmp keepalive 15 5

This command would allow the Routers to send dead peer detection (DPD) messages to each other.

0 Helpful

zirbo
Level 1
Level 1
In response to a-vazquez

‎06-21-2007 01:35 AM

Great - I will try that.

Thanks a Lot !

BR,

Dragos

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents