Keeping alive established TCP connections after a crypto clear sa

Unanswered Question
Nov 20th, 2007

Is there any way to keep established TCP connections alive across an ASA lan to lan vpn connection after a "cryto clear sa". Performing the cryto clear seems to also clear the entries in the “fast path” associated with the tunnel?

Chris

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
irisrios Mon, 11/26/2007 - 09:11

Set the connection timeout to 0 on both the pix. But this could lead to other problems like TCP sessions not getting cleared at all as long as PIX ix working.

Actions

This Discussion