I have a handful of IPSEC tunnels that randomly become unresponsive. I have not been successful in gathering any good information as to why. When I look at the debug logs, I see no traffic going up or down the tunnel. The tunnel is said to be connected according to ASDM. The only thing I can do at this point is to log out the tunnel through the ASDM, and as soon as traffic is initiated, the tunnel builds just fine. Any suggestions? As far as I know, most of the remote firewalls are Checkpoints. Thank you.
I'm experiencing the same problem with a tunnel between a Pix-515 and an 1811 router. The 1811 is a new addition (where Pix-506's are used on other tunnels) and has been a nightmare.
I upgraded from 7.0.4 to 7.0.6 and that fixed half the issue. I no longer have to "logout" the tunnel to get it working again. Unfortunately, not all the problems have been solved, as users' TCP sessions are broken several times a day.
I may have found the problem. After comparing all my configurations with the remote administrator we found that our timings are different. His rekey time was much shorter than mine, so we suspect that this could be the cause. We changed our timings to match just Friday, so I will let you know if this appears to fix the issue.
We have configured the outside and inside interfaces with official IPv6 addresses and set a default route on the outside interface to our router. We have also defined a rule, which also gets hits, to permit TCP from the inside interface to any6.
In Syslog I also se...