I have a site to site tunnel that is causing application disconnects due to IKE negotiations. We have an ASA 5510 on one end, and a Sonicwall on the other. What would cause the IKE Initiator to kick off? The tunnel shows up for 26 days. There is a rekey setting for every 8 hours, and these don't correspond to the log entries. Here are those entries with private addresses changed.
Time Description Source Destination
07/11/2007 09:47:17.192 Received IPSEC SA delete request 184.108.40.206, 500 220.127.116.11, 500 SPI:0x6376b91f
07/11/2007 09:47:15.336 IKE negotiation complete. Adding IPSec SA. (Phase 2) 18.104.22.168 22.214.171.124 ESP:3DES, HMAC_SHA1, lifeSeconds=28800 Local SPI:0x136646bf Remote SPI:0xd30f45d0
This might be due to wron gconfiguration. If you happen to configure the line "crypto dynamic-map Outside_dyn_map 40 match address Outside_cryptomap_dyn_40" remove as it that suits your configuration .
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...