Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
328
Views
0
Helpful
4
Replies

ASA VPNs down

binelipetrov
Level 1
Level 1

‎02-16-2009 11:10 AM - edited ‎03-11-2019 07:51 AM

Hi, I have two ASA in stateful failover. Once a month, we have a serious problem - all VPNs that are terminated on ASA is dropped, for no obvious reason, and only physically reloading primary ASA can solve the problem. We installed IPS, and also upgraded software from 7.2.2 to 7.2.4, but it is still happening. Anybody has an idea? It is a big problem. Thanks in advance

Labels:
0 Helpful
4 Replies 4

eddie.mitchell
Level 3
Level 3

‎02-16-2009 11:37 AM

What are your phase 1 and 2 timeouts for your VPN tunnels? What is the output of 'sh fail' when the failure occurs?

0 Helpful

binelipetrov
Level 1
Level 1
In response to eddie.mitchell

‎02-16-2009 11:47 PM

All timers for VPNs are on their default values. Also, regarding failover - it is still functional when it hapenned (when all VPNs are dropped)

0 Helpful

jgorman1977
Level 1
Level 1
In response to binelipetrov

‎02-17-2009 11:45 AM

I ran into this and fixed the issue using command isakmp nat-t 25, then rebooting both ASA's.

0 Helpful

binelipetrov
Level 1
Level 1
In response to jgorman1977

‎02-18-2009 01:54 AM

Did you solved it with software version 7.2? What was the problem, by your opinion? I can not connect nat-t with dropped tunnels...

Thanks

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card