Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Large Network Lists and Many IPsec Sessions

Has anyone experienced a problem with dropped individual IPsec sessions within a lan-2-lan connection if you are using network lists which necessitate several different IPsec session within the connection? For instance say your have a LAN-to-LAN connection with three subnets defined for one side of the tunnel and 12 subnets on the other side of the tunnel. This would result in having one IKE session for the and several different IPsec sessions each with its own session ID. What we are finding is that after running okay for days or weeks - one of those IPsec sessions might disappear and traffic between the affected subnets won't pass. I'm speaking of a PIX to a CVPN3000.

It seems like the problem does not crop up when you have a very simple setup like a spoke office with one subnet which tunnels a few subnets to a CVPN.

New Member

Re: Large Network Lists and Many IPsec Sessions

I've seen problems like this in some older codes. Specifically with the pix. You running 5.3? Make sure you update your software on both devices.


CreatePlease login to create content