Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

it
New Member

VPN 3000 log error message

Can someone help me with the following messages in my VPN 3000 log? Basically the client connects and authenticates fine but he user has been experiencing eratic behavior with slow browsing and dismal file transfer performance (all of a sudden). After he connects I get this message in the logs:

14819 10/31/2003 07:06:29.020 SEV=4 IKE/120 RPT=605 208.51.218.19

Group [groupcorp] User [user]

PHASE 2 COMPLETED (msgid=1f1f2690)

14820 10/31/2003 07:06:58.990 SEV=5 IKE/194 RPT=225 208.51.218.19

Group [groupcorp] User [user]

Sending IKE Delete With Reason message: Maximum Configured SA Lifetime Exceeded.

2 REPLIES
Silver

Re: VPN 3000 log error message

You might have set a very small time as your SA lifetime. As a result of that frquent renegotiations might be taking place which are computationally expensive and might be degrading your throughput. Rechecking the configured lifetimes would be a good idea.

it
New Member

Re: VPN 3000 log error message

Well the SA data lifetime is: 10000 and the time lifetime is 28800. Both are the default. This is just for the MD5 side. There are 6 other protocols to go through. I assume there all the same.

212
Views
0
Helpful
2
Replies