I have several L2L VPNs to the Microsoft Azure cloud and I am seeing these random disconnects once every hour or so, and from the logs it looks like a delete message that is sent from the other side. We don't have any timeouts on our side. Has anyone seen this type of issue? We have other L2Ls to other places and no issue there.
We are experiencing the exact same issue you are describing. If we keep an RDP session open, about every 57 minutes it disconnects briefly, then the VPN comes back online.
In the case we have open with Microsoft, they said to look at what's called Quick mode security association lifetime. For Azure, it's hard coded at an hour. 3600 seconds is what it needs to be on the Cisco side. Apparently if it is set to more than this, Azure will disconnect.
Here are our settings, however, which seem to indicate we have things set up as they suggest.
crypto map External_map4 13 match address External_cryptomap_12
crypto map External_map4 13 set peer [ip address removed for security of this post]
crypto map External_map4 13 set ikev1 transform-set ESP-AES-256-SHA
crypto map External_map4 13 set security-association lifetime seconds 3600
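The lifetime check described in the reply above, applied to every crypto map entry in a saved ASA configuration; this is an added example, not part of either post. Entries 14 and 15, the peer addresses and the global `crypto ipsec security-association lifetime` line in the sample are constructed, and the script assumes an entry with no lifetime line of its own inherits the global value.

```python
import re

AZURE_QM_LIFETIME = 3600  # seconds, the value Microsoft gave in the thread
# Constructed sample: entry 13 mirrors the post; 14, 15 and the peers are made up.
SAMPLE_CONFIG = """\
crypto ipsec security-association lifetime seconds 28800
crypto map External_map4 13 set peer 192.0.2.10
crypto map External_map4 13 set security-association lifetime seconds 3600
crypto map External_map4 14 set peer 192.0.2.20
crypto map External_map4 14 set security-association lifetime seconds 7200
crypto map External_map4 15 set peer 192.0.2.30
crypto map External_map4 interface outside
"""

ENTRY_RE = re.compile(r"^crypto map (\S+) (\d+) (.+)$")
LIFETIME_RE = re.compile(r"security-association lifetime seconds (\d+)")
GLOBAL_RE = re.compile(r"^crypto ipsec security-association lifetime seconds (\d+)$")


def audit_lifetimes(config, limit=AZURE_QM_LIFETIME):
    """Map (crypto map name, sequence) -> (effective seconds or None, status)."""
    global_lifetime, per_entry = None, {}
    for line in map(str.strip, config.splitlines()):
        g = GLOBAL_RE.match(line)
        if g:
            global_lifetime = int(g.group(1))
            continue
        m = ENTRY_RE.match(line)
        if not m:
            continue  # e.g. "crypto map <name> interface <if>" has no sequence
        key = (m.group(1), int(m.group(2)))
        per_entry.setdefault(key, None)  # record entries with no lifetime line
        lt = LIFETIME_RE.search(m.group(3))
        if lt:
            per_entry[key] = int(lt.group(1))
    report = {}
    for key, seconds in per_entry.items():
        effective = global_lifetime if seconds is None else seconds
        if effective is None:
            status = "UNSET"  # device default applies; not visible in this text
        else:
            status = "TOO_LONG" if effective > limit else "OK"
        report[key] = (effective, status)
    return report


if __name__ == "__main__":
    for (name, seq), (secs, status) in sorted(audit_lifetimes(SAMPLE_CONFIG).items()):
        print(f"{name} {seq}: lifetime={secs} -> {status}")
```

An `OK` result only confirms the configured value; as the reply shows, an entry already at 3600 seconds can still see the disconnects.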