Site to Site VPN goes down on Rekey

Answered Question
Jan 7th, 2009

Hello, I have a site to site VPN connected to my ASA5510 with a non-Cisco that goes down on rekey. When this happens, I have to rebuild the VPN from scratch. Any ideas on what could be causing this?

Correct Answer
Ivan Martinon Fri, 01/09/2009 - 16:51
User Badges: Cisco Employee

There have been some known issues on this since both devices cannot agree on a real time to create the rekey. What I mean is that Cisco gear might want to do the rekey after 90% of the lifetime might have passed, and probably this 3rd-party vendor will do it later or sooner. But the truth is that you would need to run some IKE and IPsec debugs to see why this tunnel is not kept after rekey is complete.
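
The checks suggested in the answer above, written out as an added example that is not part of the original thread: ASA CLI commands to compare the lifetimes on the tunnel and capture the IKE and IPsec debugs around a rekey. The peer address 203.0.113.10, the crypto map name OUTSIDE_MAP, and the sequence and policy numbers are placeholders, and the syntax assumes ASA software that uses the `crypto isakmp` keyword (later releases use `crypto ikev1`).

```cisco
! Placeholders (not from the thread): peer 203.0.113.10, crypto map OUTSIDE_MAP
! sequence 10, ISAKMP policy 10. Lifetime values shown are the ASA defaults.

! 1. See which lifetimes the ASA is configured to propose.
show running-config crypto isakmp
show running-config crypto map

! 2. See the SAs actually negotiated and how much lifetime remains before rekey.
show crypto isakmp sa detail
show crypto ipsec sa peer 203.0.113.10

! 3. Capture the rekey exchange. Start shortly before the SA is due to expire.
debug crypto isakmp 127
debug crypto ipsec 127
! ... wait for the rekey, save the output, then stop debugging:
undebug all

! 4. If the debugs show the two peers using different lifetimes, set the same
!    explicit values on both ends (the third-party device has its own syntax).
configure terminal
 crypto isakmp policy 10
  lifetime 86400
 crypto map OUTSIDE_MAP 10 set security-association lifetime seconds 28800
 crypto map OUTSIDE_MAP 10 set security-association lifetime kilobytes 4608000
 end
```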
