Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

put in vpn on up

Hello,

can you tell me how can I return up the VPN tunnel,

FYI

I encounter this problem only after a period XX (probably ater 24 hours or at 9h20min) of inactivity ,

RTR-SDSL#sh crypto isakmp policy

Global IKE policy

Protection suite of priority 1

        encryption algorithm:   Three key triple DES

        hash algorithm:         Message Digest 5

        authentication method:  Pre-Shared Key

        Diffie-Hellman group:   #2 (1024 bit)

        lifetime:               86400 seconds, no volume limit

Default protection suite

        encryption algorithm:   DES - Data Encryption Standard (56 bit keys).

        hash algorithm:         Secure Hash Standard

        authentication method:  Rivest-Shamir-Adleman Signature

        Diffie-Hellman group:   #1 (768 bit)

        lifetime:               86400 seconds, no volume limit

RTR-SDSL#

RTR-SDSL#sh crypto session       

Crypto session current status

Interface: FastEthernet0/0

Session status: DOWN

Peer: X.X.X.X port XXXX

  IPSEC FLOW: permit ip 0.0.0.0/0.0.0.0 Z.Z.Z.Z/255.255.255.128

        Active SAs: 0, origin: crypto map

  IPSEC FLOW: permit ip Z.Z.Z.Z/255.255.255.128 0.0.0.0/0.0.0.0

        Active SAs: 0, origin: crypto map

6 REPLIES
Bronze

put in vpn on up

Hi,

did you try to enable isakmp keepalives ?

   Router(config)#crypto isakmp keepalive 60 10

60 and 10 are only examples here.

------------------
Mashal Shboul

------------------ Mashal Shboul
New Member

put in vpn on up

Hi mashal,

could you plz tell me what does mean 60 and 10 value?

Best regards.

Bronze

put in vpn on up

Hi,

Router(config)#crypto isakmp keepalive  X  Y

X:   <10-3600>  Number of seconds between keep alives

Y :  <2-60>     Number of seconds between retries if keepalive fails

HTH

------------------
Mashal Shboul

------------------ Mashal Shboul
New Member

put in vpn on up

Should I put it on both side or just one?

Bronze

put in vpn on up

One side keepalives should be enough here.

------------------
Mashal Shboul

------------------ Mashal Shboul
New Member

put in vpn on up

I will test it and I will keep you informed ASAP!!

TNKS!

169
Views
0
Helpful
6
Replies