Its a new setup.
We are having a central site with leased line to internet & 13 remote locations having adsl connection (dynamic).All the remote locations are connecting via vpn to the central site.
Central site is having PIX 515 (ver 7.2(2)).
Remote locations are having 506E (ver 6.3(5)).
We are having a static to dynamic vpn.
Now, currently there are two sites (Central site & remote site)which we testing.The requirement is to have the vpn tunnelup always. To be on the safer side, we have created a batch file on all the remote locations which continously sends an extended ping packet to the central site server.
All the remote locations are having a sevre which communicates with the central site server placed in the DMZ.
When we initiate the connection from the remote site the tunnel comes up & we are able to pass bidirectional traffic.Now, in the background even the batch file is running which is always making the tunnelup.
Now, after sometime when we stop this batch file & again initiate the connection by applying ping from the remote server or PCs we are getting request timed out.
Logically, when we initiate the connection from remote side the vpn tunnel should always come up which is not happening in this case.
What we noticed was when we are getting request timed out, on the remote PIX we see QM_IDLE when we put "sh crypto isakmp sa".But at the central site we see "no isakmp sas" when we put"sh crypto isakmp sa"
We needed your help on this.