Site to Site VPN Tunnel Time-out

Unanswered Question
Nov 6th, 2007

The site to site vpn tunnel between the ASA 5510 and ASA 5505 loses connection after more 24 hours of inactivity. However, once I ping the inside address of the ASA 5505 from the ASA 5510 side of the tunnel, the VPN tunnel wakes and continue to work.

I have changed the Crypto isakmp policy

life time to none, but it does not help.

Please help!

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)
1cmerchant Tue, 11/06/2007 - 13:51

This is how the products are designed to work....once the IKE SA's time out the tunnel drops until additional interesting traffic is sent.

w-asaadmin Tue, 11/06/2007 - 14:04

The problem is when the remote users return

to their office over the weekend, the vpn

tunnel is down and they are not able to

connect their computers to the HQ computers.

The VPN tunnel can be waken up by

cycling the power of the remote ASA or I ping

its inside NIC IP address from the other end

of the tunnel.

Any suggestions? Thank you!

w-asaadmin Mon, 11/12/2007 - 10:32

OK, The VPN time-out problem has been found.

It was the bandwidth that causes the problem.

Once we upgraded the bandwidth, the problem had gone.

Actions

Login or Register to take actions

This Discussion

Posted November 6, 2007 at 9:32 AM
Stats:
Replies:3 Avg. Rating:
Views:346 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard