02-13-2009 08:00 AM - edited 03-04-2019 03:33 AM
I have a VPN connection between a Cisco 831 and my office's ASA5510 through a DSL modem/router. So the Cisco is connected to the Bell modem/router and my PCs are connected to the Cisco.
From my office I launch a program that pings the Cisco every 30 sec., and every 1 hour I have a disconnection of the VPN and it comes back on 2 minutes later. If I am connected directly to the modem instead of passing through the router, I don't have this trouble. I have the same thing with Videotron connected to a Linksys or Dlink.
02-15-2009 12:12 PM
Hi,
Which address are you pinging? The LAN or the WAN address of the router? IPsec SAs have a one-hour timeout, so if there is no interesting traffic when the timer expires, the SAs will be deleted and then you have to wait for the IPsec SA negotiation when you want to send interesting traffic again.
If it's the WAN, it's normal because I suppose this address is not part of the interesting encrypted traffic which is LAN2LAN.
HTH
Laurent.
02-16-2009 06:00 AM
Hi Laurent,
I am pinging the LAN address. Your response is interesting. Is there a way to configure IPsec SA to have to timeout?
02-17-2009 05:43 PM
What is your source address? Both of them must be part of your interesting traffic.
Here is a link regarding IPSec SA timers:
http://www.cisco.com/en/US/docs/ios/security/command/reference/sec_c3.html#wp1049300
Laurent.