Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
639
Views
4
Helpful
2
Replies

VPN Tunnel Issue on PIX

kdoshi_80
Level 1
Level 1

‎12-11-2006 03:01 PM - edited ‎03-11-2019 02:07 AM

Hello,

I just setup a VPN tunnel between 2 PIX's. But my PIX 501 drops the connection in about 10 minutes. What I noticed is that when I reload, I can ping outside ip addresses form the PIX and the tunnel is up. However, in 10 minutes the tunnel is down, I am not able to ping outside addreses anymore, but PC's behind the PIX still have full internet access. Any help will be greatly appreciated.

Thanks,

KDoshi

Labels:
0 Helpful
2 Replies 2

Fernando_Meza
Level 7
Level 7

‎12-11-2006 03:23 PM

Hi ..

Check the configuration on both PIXes .. what are the value for the security association and isakmp policy lifetime ..? The below values shoudl be OK but make sure they are the same in both PIXes.

crypto ipsec security-association lifetime seconds 43200 (<- 12 hours)

isakmp policy 20 lifetime 86400 (<-24 Hours)

Also of course make sure that when the tunnel is down both PIXes still have Internet connectivity

I hope it helps .. please rate if it it does !!!

flopez
Level 1
Level 1

‎01-02-2007 03:58 PM

I had something like this happen.

Make sure your ISAKMP policies match. I had one site with the DH-Group 1 and the other one did not have any. This was causing my site without the DH1 to get disconnected.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card