Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
897
Views
0
Helpful
1
Replies

Crypto Map Dynamic IP Reconnection Issues

mh144831
Level 1
Level 1

‎04-19-2004 07:06 AM - edited ‎02-20-2020 11:21 PM

Hello,

We are connecting using at each remote site a Cisco 837 router with a ISDN modem as a passthrough to a PIX Firewall.

Each time the ISDN connection drops the Cisco box either requires a reboot or the crypto map to be restarted before anyone can connect through to the PIX. Has anyone got any ideas please?

Many Thanks

Mark

0 Helpful
1 Reply 1

gfullage
Cisco Employee
Cisco Employee

‎04-20-2004 05:11 PM

It'll be because the PIX doesn't recognise that the tunnel has gone down, and therefore still tries the old tunnel and nothing works, until you reboot the PIX or clear down the tunnels. All this does is make the PIX build new tunnels and everything works.

You need to enable ISAKMP keepalives on both ends so that they'll determine that the other end has gone down and reset their own tunnels, allowing new ones to be built.

Use:

crypto isakmp keepalive 30

on the router, and:

isakmp keepalive 30

on the PIX and they'll send keepalives every 30 seconds then and quickly know if the other end has died.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card