Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
439
Views
0
Helpful
2
Replies

l2l tunnel only established on one end

kope
Level 1
Level 1

‎01-31-2012 01:42 PM

I have a l2l tunnel only can established the tunnel on one end; the other end unable to initiate the tunnel if the tunnel is timeout.

I noticed the role on the other end is "responder".

Can i configure the tunnel so that both end can initiate tunnel establishment?

Alternatively, is it possible to configure so there is no timeout once the tunnel has established?

Thank you.

Labels:
0 Helpful
2 Replies 2

Marvin Rhoads
Hall of Fame
Hall of Fame

‎01-31-2012 06:11 PM

In an IPSec LAN-LAN tunnel, the role of responder generally can vary according to which end is first presented with interesting traffic requiring the establishment of the tunnel. Timeouts (and associated tunnel renewals) are a natural part of IPsec and should not generally cause issues.

If you provide the relevant sections of your devices' configurations, you have a better chance of getting a more specific and actionable answer.

0 Helpful

Julio Carvajal
VIP Alumni
VIP Alumni

‎01-31-2012 10:13 PM

Hello Kope,

Please provide relevant configuration of both sites so we can determine why this is happening.

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Customers Also Viewed These Support Documents