Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX 501

I currently have a PIX 501 at a remote site and a site to site VPN to a ASA 5510. The remote site runs a POS software over the vpn that is located at HQ. The software will be running fine and the VPN drops and the application will freeze. The remote VPN is not able to intiate the vpn. We can RDP across teh VPN from HQ to remote and the VPN is reintiated and everything is good. This seems to be happening more and more and is becoming a large problem. Also, it seems if we do a constant ping from the remote side to the HQ server the VPN never causes a problem. Also, I have tried to disable keep alives on the ASA(HQ) side and this did not seem to help. Any help would be greatly appreciated.

  • VPN
2 REPLIES
Green

Re: PIX 501

You could run dead peer detection on both devices to keep the tunnel alive.

ASA

tunnel-group x.x.x.x ipsec-attributes

isakmp keepalive threshold 30 retry 2

PIX

isakmp keepalive 30 2

New Member

Re: PIX 501

I actually having this same issue happen to two sites. I did the above on both and it seemed to fix one but not the other. Would you recommend to disable keep alives completely?

117
Views
4
Helpful
2
Replies
This widget could not be displayed.