I am experiencing a strange behavior on a Cisco PIX 515.Site to Site Tunnel s terminating quite often and I get this message.
May 14 10:26:05 192.168.254.133 %PIX-5-713050: Group = 126.96.36.199, IP = 188.8.131.52, Connection terminated for peer 184.108.40.206. Reason: IPSec SA Idle Timeout Remote Proxy 192.168.84.0, Local Proxy 172.26.0.0
The problem might be with the IP pool assignment either through ASA/PIX or Radius server. Use the debug crypto command in order to verify that the netmask and IP addresses are correct. Also, verify that the pool does not include the network address and the broadcast address. Radius servers must be able to assign the proper IP addresses to the clients
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...