VPN Concentrator L2L tunnels disconnects

Unanswered Question
Apr 15th, 2009

Hi,

I am hoping someone will be able to help me, as i am having problems resolving an issue i have with a L2L tunnel.

I am very much a newbie to the VPN concentrator so that is not helping.

I have a L2L tunnel from my client to a external party in this case it is SAP.

My client runs a 'SAP router' app on one of their servers which monitors the connection to the SAP network. Intermittantly this app reports the connection as being down.

My concentrator is processing other L2L tunnels and client/laptop VPN sessions at the samtime these disconnects occur so i dont think its my infrastructure as such.

Around the time the app reports the loss i see in the syslogs the following

SEV=5 IKE/50 RPT=3979 <remote IP> Group [<remote IP>] Connection terminated for peer <remote IP>. Reason: Peer Terminate Remote Proxy <remote IP LAN>, Local Proxy <my local proxy IP>

I am trying to figure out from this message why the tunnel is dropping and who is deciding to do the terminating is the problem my end or the far end ?

This tunnel can be up for many hours or just a few minutes sometimes before i get this message

Any help would be very much appreciated.

My end Cisco 3000 series concentrator SAP end is Cisco 7200 router.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Ivan Martinon Fri, 04/17/2009 - 07:31

Can you please check that both ends have the lifetime set correctly? if they are set to defaults this will cause a mismatch since they have diff values and this is known to affect.

stuart.jones Mon, 04/20/2009 - 16:42

Hi,

Thanks for the reply.

We did have a difference in the lifetimes, this has now been corrected but we still see the diconnects.

IKE lifetime now 14,400 mins

IPSEC lifetime now 7200 secs

On both ends, but same message in that its terminating the L2L tunnel but no real reason why ?

Thanks

Stu

Actions

This Discussion