Keeping alive established TCP connections after a crypto clear sa

Unanswered Question
Nov 20th, 2007
User Badges:

Is there any way to keep established TCP connections alive across an ASA lan to lan vpn connection after a "cryto clear sa". Performing the cryto clear seems to also clear the entries in the “fast path” associated with the tunnel?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
irisrios Mon, 11/26/2007 - 09:11
User Badges:
  • Silver, 250 points or more

Set the connection timeout to 0 on both the pix. But this could lead to other problems like TCP sessions not getting cleared at all as long as PIX ix working.


This Discussion