ASA L2L VPN drops after 8 hours while in use.

PaulWelc
Level 1

I have 5 L2L VPNs running off of my Cisco 5520 ASA. One of them is connected to a Juniper NS; at 8 hours the VPN drops and rebuilds while in use, so the user sessions freeze for a minute. Any ideas on how to correct this? Thanks in advance.

3 Replies

PaulWelc
Level 1

I noticed this in the debug logs. Second message is odd as the VPN is in use when it goes down.

Connection terminated for peer x.x.x.x Reason: Peer Terminate Remote Proxy N/A, Local Proxy N/A

Session Type: IPsec, Duration: 8h:00m:25s, Bytes xmt: 1176522, Bytes rcv: 3280246, Reason: Idle Timeout

Check your lifetime statements on the crypto isakmp policies. That's how many seconds can go by before security associations re-establish. Also in the crypto map there is a lifetime value which can be set to how many seconds before the tunnel gets torn down or how many kilobytes can pass before the tunnel gets torn down.

Thanks RicheeJJJ, my settings look correct. I wonder if it is on the other side, though he connects to Cisco ASAs.

crypto map SBCVPN 2 set peer x.x.x.x

crypto map SBCVPN 2 set transform-set ESP-3DES-SHA

crypto map SBCVPN 2 set security-association lifetime seconds 86400

crypto map SBCVPN 2 set security-association lifetime kilobytes 4608000

crypto isakmp policy 5

authentication pre-share

encryption 3des

hash sha

group 2

lifetime 86400
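
One way to test the lifetime suggestion against the log line and config posted in this thread, as an added example that is not part of the original posts: it converts each logged session duration to seconds and checks whether it lines up with any time-based lifetime in the local configuration. The sample input is constructed from the lines quoted above; the function names and the 60-second tolerance are assumptions.

```python
import re

# Constructed sample input, copied from the log line and config quoted in the thread.
LOG = """\
Session Type: IPsec, Duration: 8h:00m:25s, Bytes xmt: 1176522, Bytes rcv: 3280246, Reason: Idle Timeout
"""
CONFIG = """\
crypto map SBCVPN 2 set security-association lifetime seconds 86400
crypto map SBCVPN 2 set security-association lifetime kilobytes 4608000
crypto isakmp policy 5
 lifetime 86400
"""

DURATION_RE = re.compile(r"Duration:\s*(\d+)h:(\d+)m:(\d+)s")
# Matches time-based lifetimes only; "lifetime kilobytes N" does not match.
LIFETIME_RE = re.compile(r"lifetime (?:seconds )?(\d+)$")


def session_durations(log_text):
    """Return each logged session duration in seconds."""
    return [int(h) * 3600 + int(m) * 60 + int(s)
            for h, m, s in DURATION_RE.findall(log_text)]


def local_lifetimes(config_text):
    """Return {config statement: seconds} for time-based lifetimes."""
    found, context = {}, ""
    for line in config_text.splitlines():
        stripped = line.strip()
        if stripped.startswith("crypto isakmp policy"):
            context = stripped  # sub-commands that follow belong to this policy
        m = LIFETIME_RE.search(stripped)
        if m:
            label = stripped if stripped.startswith("crypto") else f"{context} {stripped}"
            found[label] = int(m.group(1))
    return found


def classify(duration, lifetimes, slack=60):
    """Name the local lifetime a session ended at, or report that none matches."""
    for label, seconds in lifetimes.items():
        if abs(duration - seconds) <= slack:  # slack is an assumed tolerance
            return f"matches local '{label}'"
    return "no local lifetime matches; compare against the peer's configured lifetimes"


def report(log_text, config_text):
    lifetimes = local_lifetimes(config_text)
    return [(d, classify(d, lifetimes)) for d in session_durations(log_text)]


if __name__ == "__main__":
    for seconds, verdict in report(LOG, CONFIG):
        print(f"session lasted {seconds}s: {verdict}")
```
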
