Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1966
Views
3
Helpful
4
Replies

IPSEC Tunnels always UP

Tauer Drumond
Level 1
Level 1

‎04-15-2009 07:31 AM - edited ‎03-11-2019 08:18 AM

Hi all,

I've a ASA 5540 and configured a Site-to-Site VPN, but the IPSEC tunnels frequently goes down, and when I ping a remote host, the tunnels go UP.

Is there a way to keep the tunnels always UP?

Thanks

Tauer

Labels:
0 Helpful
4 Replies 4

networker99
Level 1
Level 1

‎04-15-2009 09:25 AM

You might be able to enter 0 for the idle timeout however not sure if this is possible. Why not just increase the idle timeout?

acomiskey
Level 10
Level 10
In response to networker99

‎04-15-2009 09:42 AM

Configure isakmp keepalives on both ends...

securityappliance(config)#tunnel-group x.x.x.x ipsec-attributes

securityappliance(config-tunnel-ipsec)isakmp keepalive threshold 15 retry 10

0 Helpful

Tauer Drumond
Level 1
Level 1
In response to acomiskey

‎04-15-2009 10:19 AM

ok... I'll apply.

I post the result

Thanks

Tauer

0 Helpful

lrm001c474
Level 1
Level 1

‎04-15-2009 06:00 PM

Enable dead peer detection with the following group level command:

isakmp keepalive

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card