Danilo Dy Thu, 03/06/2008 - 00:41
User Badges:
  • Blue, 1500 points or more

Remote VPN or S2S VPN? SSL, IPSec DES or AES? Any logs?

Rick Morris Mon, 03/10/2008 - 11:50
User Badges:
  • Silver, 250 points or more

verify your phase 1 and 2 timers

VPN's can drop because of a security violation. It sounds like it is doing what it is suppose to do. In a cisco it is not always an easy thing to nail down though.

I would verify my settings with the remote side and make sure that your timers are the same and long enough to keep the session open.

Then verify the ACL's. Cisco is very picky that they both need to match line for line. Typically the phase 2 will not come up if their is a mismatch somewhere.


This Discussion