l2l vpn drops every 30 seconds

ryancolson · ‎12-05-2008

Me and a friend just set up a lan2lan ipsec tunnel for voip testing. It works fine, but every 30 seconds the tunnel will actually drop, and usually two pings will be lost, then will automatically come back up for 30 seocnds, etc etc. I did not see any timers even close to 30 seconds. I am running 8.0.4(16), this happened when I was running 8.0.4(3) as well. The other side is running a 1721 behind a 2 wire using NAT-T. Niether side of the tunnel is being used heavily and I looked at the connection table/graph in the ASDM, and the tunnel is dropping exactly every 30 seconds just for about 3 seconds

ryancolson · ‎12-06-2008

its actually about every 87 seconds. Same amount of time, and comes back up within 2 or 3 pings. I have attached some debug infoipsec debugging level 100 for what happens when the tunnel drops

IPSEC: Deleted inbound decrypt rule, SPI 0xE28D753B

Rule ID: 0xDB3D7838

IPSEC: Deleted inbound permit rule, SPI 0xE28D753B

Rule ID: 0xD9ACCA78

IPSEC: Deleted inbound tunnel flow rule, SPI 0xE28D753B

Rule ID: 0xDAFB45E0

IPSEC: Deleted inbound VPN context, SPI 0xE28D753B

VPN handle: 0x00231BEC

IPSEC: Deleted outbound encrypt rule, SPI 0x90D0D671

Rule ID: 0xDB36CE58

IPSEC: Deleted outbound permit rule, SPI 0x90D0D671

Rule ID: 0xDB35B350

IPSEC: Deleted outbound VPN context, SPI 0x90D0D671

VPN handle: 0x0022C22C