Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA 5505 EZVPN

The EZVPN has been setup on ASA 5505 vpn back to hub ASA 5520 for awhile and it is working the way we wanted.  It was setup as tunnel everything.

Recently, I made a change to split tunneling to allow servers out to internet.  The connection is up and running but after 30 minutes or so no users able to connected to server behind the 5505.  It should triggers the interesting traffic and build the connection but it did not.  The crypto ISAKMP SA shows the connection active.  To trigger the traffic, I have to go to 5505 and ping the ip address of users LAN.

The IPSEC lifetime was increase to 84600 seconds and on the hub side the vpn idle time out and vpn session time out were set to none and still no good.

Anyone has any idea is appreciated.

1 REPLY
New Member

Re: ASA 5505 EZVPN

I forgot to mention I also setup the sla monitor but it did not work even manually ping same device is response.  When check the sla monitor it shown the lastest operation return code: timeout although the status is active.

404
Views
0
Helpful
1
Replies