we have 871 as VPN client with 2851 as VPN server. every night I have to type "cryp ipsec client ezvpn xauth" with username and password to activate VPN tunnel. which command make it permanent tunnel without to need type username and password every night?
Hi, as you know EzVPN tunnels are not supposed to be permanent as L2L ones.
The tunnel is going to be dropped depending on the IPSec SA lifetime set on the router. If there is no interesting traffic passing by through the tunnel the SA is renegotiated and the tunnel is dropped.
I would suggested set a continuous ping on the remote location so to the other peer so that the interesting traffic is guarantee to be always passing through and the tunnel SAs can be renegotiated, hope this helps.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...