07-29-2008 11:44 AM - edited 02-21-2020 03:51 PM
I have a site-to-site VPN tunnel. If the tunnel is not used for quite some time, the VPN will not work at the remote site. I have to do a ping from the primary site to the remote site to start the connection. This actually started happening when I upgraded my PIX 515 to an ASA5510. I am connecting to a PIX 501.
07-29-2008 12:18 PM
You could run dead peer detection on both devices to keep the tunnel alive.
ASA
tunnel-group x.x.x.x ipsec-attributes
isakmp keepalive threshold 30 retry 2
PIX
isakmp keepalive 30 2
10-13-2008 04:48 AM
Ok. But from the SW version 7.2.x the isakmp keepalive is active by default on ASA devices.
10-13-2008 11:11 AM
Hi,
Have you find out some solution?
I'm facing the same problem with ASA Version 8.0.x.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: