Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA 5505 Does Not Reconnect

I have a remote ASA 5505 running 8.3(2) that establishes a site to site VPN to a central ASA 5520 running 8.4(2) immediately upon startup. Then within a random interval ranging from 5 seconds to an hour, the VPN loses the connection, and is not reconnected. Only a reload of the remote ASA will reestablish the VPN tunnel. Then everything is fine until the next disconnection. Both sides have matching lifetimes, and keep alives are enabled on both sides. The debug from the remote ASA is attached, showing what happens through several disconnect/reload sessions.

Everyone's tags (4)
2 REPLIES
Cisco Employee

ASA 5505 Does Not Reconnect

Bill,

You might want to turn off keepalives - they are what is causing you to drop the VPN:

Feb 28 16:22:06 [IKEv1]: Group = 168.166.75.6, IP = 168.166.75.6, IKE lost contact with remote peer, deleting connection (keepalive type: DPD)

Is that IP address off the inside interface? 

We might need a look at the config on that ASA to get a better picture of what is going on.  It looks like it tries to re-initiate a connection but never gets a response back from the other side, but works after a reboot.

--Jason

New Member

ASA 5505 Does Not Reconnect

Thanks for the help, but we found out that our ISP had issued duplicate static IP addresses.

666
Views
0
Helpful
2
Replies
CreatePlease to create content