Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Site to Site VPN Tunnel Time-out

The site to site vpn tunnel between the ASA 5510 and ASA 5505 loses connection after more 24 hours of inactivity. However, once I ping the inside address of the ASA 5505 from the ASA 5510 side of the tunnel, the VPN tunnel wakes and continue to work.

I have changed the Crypto isakmp policy

life time to none, but it does not help.

Please help!

  • Other Security Subjects
3 REPLIES
New Member

Re: Site to Site VPN Tunnel Time-out

This is how the products are designed to work....once the IKE SA's time out the tunnel drops until additional interesting traffic is sent.

New Member

Re: Site to Site VPN Tunnel Time-out

The problem is when the remote users return

to their office over the weekend, the vpn

tunnel is down and they are not able to

connect their computers to the HQ computers.

The VPN tunnel can be waken up by

cycling the power of the remote ASA or I ping

its inside NIC IP address from the other end

of the tunnel.

Any suggestions? Thank you!

New Member

Re: Site to Site VPN Tunnel Time-out

OK, The VPN time-out problem has been found.

It was the bandwidth that causes the problem.

Once we upgraded the bandwidth, the problem had gone.

397
Views
0
Helpful
3
Replies
This widget could not be displayed.