11-10-2008 09:52 AM - edited 03-04-2019 12:16 AM
Hey guys,
what is the configuration syntax so that after the router detects no traffic coming from the peer it kills the tunnel.
This is currently what I have, but it doesn't seem to be working.
crypto isakmp policy 5
encr 3des
authentication pre-share
group 2
crypto isakmp key abc123 address 0.0.0.0 0.0.0.0
crypto isakmp keepalive 20
11-10-2008 10:10 AM
Try to change "crypto isakmp keepalive 20" to:
crypto isakmp keepalive 20 periodic
HTH
John
11-10-2008 10:47 AM
Still not killing the tunnel after the 20 seconds ... we're into a minute now.
Also tried "on-demand" with the same result.
11-10-2008 10:11 AM
Hello Brent,
you can influence the duration of dynamic spoke to spoke tunnels.
Spoke to Hub tunnels stay up because the routing protocol hellos are always running.
So you can see an effect only when you ping from lan to lan between two spokes.
This can trigger the dynamic tunnel
After the end of the ping this will be turned down.
Hope to help
Giuseppe
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide