Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
505
Views
0
Helpful
2
Replies

Do ASA firewalls have a VPN keep alive option?

andrew52
Level 1
Level 1

‎05-04-2023 06:32 AM

Hello, I have a vpn tunnel from my servers behind a cisco to my azure server. I have to ping from the servers behind the cisco to the azure before I can ping from the azure to the cisco.

xvideos
Labels:
0 Helpful
2 Replies 2

M02@rt37
VIP
VIP

‎05-04-2023 06:36 AM

Hello @andrew52,

It's possible that the VPN keep-alive option is contributing to the issue, as it could be causing the VPN tunnel to stay active even when there is no traffic passing through it. However, keep-alive should not cause the behavior you're describing where you need to ping from one side to the other to establish connectivity.

Instead, it's more likely that there is a routing issue between your servers behind the Cisco and your Azure server. When you ping from the servers behind the Cisco to the Azure server, it could be triggering the routing table to update and establish the proper route for traffic coming from the Azure server to the servers behind the Cisco. Without this initial trigger, the routing table may not be properly updated to allow traffic to flow both ways.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful

MHM Cisco World
VIP
VIP

‎05-04-2023 06:47 AM - edited ‎05-04-2023 07:03 AM

ASA have keepalive and it run by default in l2l vpn
from cisco doc.
In every tunnel group, IKE keepalives are enabled by default with default threshold and retry values. You can apply this attribute only to IPsec remote access and IPsec LAN-to-LAN tunnel group types.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card