Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA L2L VPN drops after 8 hours while in use.

I have 5 L2L VPN's running off of my Cisco 5520 ASA. One of them is connected to a Juniper NS, at 8 hours the VPN drops and rebuilds while in use, so the user sessions freeze for a minute. Any ideas on how to correct this? Thanks in advance.

3 REPLIES
New Member

Re: ASA L2L VPN drops after 8 hours while in use.

I noticed this in the debug logs. Second message is odd as the VPN is in use when it goes down.

Connection terminated for peer x.x.x.x Reason: Peer Terminate Remote Proxy N/A, Local Proxy N/A

Session Type: IPsec, Duration: 8h:00m:25s, Bytes xmt: 1176522, Bytes rcv: 3280246, Reason: Idle Timeout

New Member

Re: ASA L2L VPN drops after 8 hours while in use.

Check your lifetime statements on the crypto isakmp policies. That's how many seconds can go by before security associations re-establish. Also in the crypto map there is a lifetime value which can be set to how many seconds before the tunnel gets torn down or how many kilobytes can pass before the tunnel gets torn down.

New Member

Re: ASA L2L VPN drops after 8 hours while in use.

Thanks RicheeJJJ my settings look correct I wonder if it is on the other side though he connects to Cisco ASA's.

crypto map SBCVPN 2 set peer x.x.x.x

crypto map SBCVPN 2 set transform-set ESP-3DES-SHA

crypto map SBCVPN 2 set security-association lifetime seconds 86400

crypto map SBCVPN 2 set security-association lifetime kilobytes 4608000

crypto isakmp policy 5

authentication pre-share

encryption 3des

hash sha

group 2

lifetime 86400

422
Views
4
Helpful
3
Replies
CreatePlease to create content