04-27-2006 01:18 PM - edited 02-21-2020 02:23 PM
I used the almost same config as
IOS router 12.0(7)T on 2621 (8MB flash)
PIX 515 6.2
the tunnel works fine during lifetime of 3600 seconds, then just after renegociation, it drops the connection.
the only way is to clear crypto sa on PIX and / or the router to re initialize the tunnel.
I tried PFS Y/N, I tried keepalive on both ends, always the same issue.
any idea?
04-27-2006 05:52 PM
Hi I had similar issue ages ago but adding the below command on the router fixed teh issue
crypto isakmp keepalive 10
04-27-2006 10:51 PM
I have these keepalive on the PIX and the router.
But it is isakmp keepalive.
I think the pb comes from the ipsec renewal since it appears at the end of the lifetime of ipsec, not isakmp
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: