We have an ASA as a central hub in an IPSec VPN community, with four RVS4000 branch office routers connecting into it.
Setting up the VPN tunnels worked fine, except after a while the tunnels seem to disconnect all by themselves, and they will not reconnect. Browsing the ASA's logs we get:
IP = xx.yy.zz.aa, Received encrypted packet with no matching SA, dropping (where xx.yy.zz.aa is the remote peer)
and on the RVS side we get:
[VPN Log]: "TIMB-ELMS" #10: max number of retransmissions (2) reached STATE_QUICK_I1. No acceptable response to our first Quick Mode message: perhaps peer likes no proposal
If I restart the RVS4000, the VPN connects just fine. If I let it sit for a while (like an hour or so) and hit connect, it connects just fine as well. Furthermore, if I enter the configuration screen for the VPN tunnel on the RVS, and hit SAVE (make no changes) it also connects. Just over time it seems to disconnect, and will not reconnect without a restart.
FYI: There are RVS<=>RVS tunnels in place as well, and they stay up just fine ... it is just the connections to the ASA that seem to drop and not want to reconnect.
Can anyone enlighten me to a source of the problem??