Cisco 831 VPN true home Internet disconnect each 1 hour

slypink911 · ‎02-13-2009

I have a VPN connection between a Cisco 831 and my office's ASA5510 true a DSL modem/router. So the cisco is connected to the Bell modem/router and my pcs are connected on the Cisco

From my office a launch a program that ping the Cisco at each 30 sec. and at each 1 hour i have a dosconnection of the VPN and it goes back on 2 minutes later. If i am connected directly in the modem instead of passing by the router i don't have this trouble. I have the same thing with Videotron connected in a Linksys or Dlink.

Laurent Aubert · ‎02-15-2009

Hi,

Which address are you pinging ? the LAN or the WAN address of the router ? IPSEC SAs have a one hour timeout so if there is not interesting traffic when the timer expires, the SAs will be deleted and then you have to wait for the IPSec SA negociation when you want to send interested traffic again.

If it's the WAN, it's normal because I suppose this address is not part of the interesting encrypted traffic which is LAN2LAN.

HTH

Laurent.

slypink911 · ‎02-16-2009

Hi Laurent,

I am pinging the Lan adress. Your response is interesting is there a way to configure IPsec SA to have to timeout?

Laurent Aubert · ‎02-17-2009

What is your source address ? both of them must be part of your interesting traffic.

Here is a link regarding IPSec SA timers:

http://www.cisco.com/en/US/docs/ios/security/command/reference/sec_c3.html#wp1049300

Laurent.