Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IPSec tunnel between ASA and ZyWall disconnects after 45 minutes

I have an issue with stability of a VPN tunnel. I have created a fully functional site-2-site VPN between a ASA 5510 cluster running (8.3.1) and a Zyxel ZyWall 5 running 4.04 firmware.

The tunnel works fine for 45 minutes. A that time, the ASA starts with IKE rekeying. It seems that the ZyWall does not fully understand what the ASA is trying, and decides to drop the Phase1 and Phase2 tunnels. Then, as interesting traffic is offered from either side, the tunnel starts to build up from scratch. The whole process takes a few minutes. 

This resembles some issues that CheckPoint has when connecting to an ASA firewall as described in this link. 

I'm a bit lost on how to solve this issue (besides replacing the ZyWall with an ASA). Any help would be appreciated.

 

Everyone's tags (1)
306
Views
0
Helpful
0
Replies