I gonna configure ipsec tunnel between to sites. I want that tunnel remain up almost all the time. For this if i configure "crypto ipsec security-association idle-time" to its maximum value, is there any issue doing this. Means i want to not, if it has any disadvange. Will it kill my router resources? As you know when ipsec tunnel come up, it drops few packets and also add delay in communication that i want to mitigate. Need your comments please.