Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Bronze

crypto isakmp keepalive in IOS and Pix/ASA

I have an IOS 12.4(24)T4 router with 100 IPSec site-to-site VPNs on this router.  I would like to enable "crypto isakmp keepalive 10" for only 10 sites.  The other remaining 90 sites can not have"crypto isakmp keepalive" enable.

Is this possible with IOS routers?  This feature, as I understand is available in Pix.

1 REPLY

crypto isakmp keepalive in IOS and Pix/ASA

Not possible on router and Pix but yes on ASA per tunnel basis.

Configure ISAKMP keepalives in Cisco IOS with this command:

router(config)#crypto isakmp keepalive 15

Use these commands to configure ISAKMP keepalives on the PIX/ASA Security Appliances:


    • Cisco PIX 6.x

      pix(config)#isakmp keepalive 15

    • Cisco PIX/ASA 7.x and later, for the tunnel group named 10.165.205.222

      securityappliance(config)#tunnel-group 10.165.205.222    ipsec-attributes securityappliance(config-tunnel-ipsec)#isakmp keepalive    threshold 15 retry 10

      Thanks
      Ajay

    2200
    Views
    0
    Helpful
    1
    Replies
    CreatePlease to create content