Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Concentrator to 3845 Tunnel Drops

We have a 3845 router that peers 20 plus IPSEC VPN tunnels. One tunnel connects to a 3060 Concentrator. For some reason, the tunnel drops periodically.

We have this config on our side:

crypto isakmp policy 1

encr 3des

hash md5

authentication pre-share

group 2

lifetime 28800

crypto map VPN 30 ipsec-isakmp

set peer xxx.xxx.xxx.xxx

set security-association lifetime seconds 86400

set transform-set strong

set pfs group2

match address RemotePeer

reverse-route

We are using a PSK on the peers, and the concentrator has matching settings.

My question is could the drops be caused by the IPSEC timer being larger than the ISAKMP timer?

Any advise is greatly apprecitated.

1 REPLY
New Member

Re: Concentrator to 3845 Tunnel Drops

try to set isakmp lifetime more than 100000

119
Views
0
Helpful
1
Replies
CreatePlease login to create content