Despite the fact that I have the following setting:
crypto isakmp nat-traversal 10
All tunnels are bi-directional.
Our l2l tunnels keep dropping due to inactivity. On one client, the tunnel drops and doesn't come back up unless you remove the remote IP range from their object group and re-add it. This issue is secondary, however.
What I really want to know is how to keep tunnels from timing out due to inactivity.
Thanks!
Hi,
Have you tried configuring
vpn-idle-timeout none
Under the "group-policy" of the L2L VPN connection?
If you dont have a "group-policy" configured for the L2L VPN you would naturally have to create one and add it under the "tunnel-group"
To be honest I have not had to configure this setting on any of the L2L VPN we have so I am not sure if this will help with your situation.
Hope this helps
- Jouni