05-14-2009 01:45 AM
Dear Forum,
I am experiencing a strange behavior on a Cisco PIX 515.Site to Site Tunnel s terminating quite often and I get this message.
May 14 10:26:05 192.168.254.133 %PIX-5-713050: Group = 91.198.79.162, IP = 91.198.79.162, Connection terminated for peer 91.198.79.162. Reason: IPSec SA Idle Timeout Remote Proxy 192.168.84.0, Local Proxy 172.26.0.0
Any ideas?
Cheers
Alex
05-20-2009 12:45 PM
The problem might be with the IP pool assignment either through ASA/PIX or Radius server. Use the debug crypto command in order to verify that the netmask and IP addresses are correct. Also, verify that the pool does not include the network address and the broadcast address. Radius servers must be able to assign the proper IP addresses to the clients
05-24-2009 11:06 PM
Thank you your posting, unfortunately there is no Radius server involved. This is a site to site vpn, there is assignment of ip addressen to clients.
Regards
Alex
05-24-2009 11:17 PM
group-policy S2S attributes
vpn-idle-timeout none
Default is 30 minutes.
Peter
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: