Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
420
Views
0
Helpful
3
Replies

how to keep EZvpn tunnel up on IOS router

bdecout
Level 1
Level 1

‎06-20-2006 04:11 PM - edited ‎03-09-2019 03:19 PM

We have remote offices using EZvpn on PIX 506e to connect to corporate.

To prevent tunnel to go down we had to use the command "vpnclient nem-st-autoconnect"

We are now trying to replace the 506e with an IOS router.

What is the command equivalent on IOS to keep tunnel up when there is no traffic

crypto isakmp keepalive X X doesn't work.

The only solution I can think off for the moment is to use object tracking to have the router ping every few minutes to keep the tunnel alive.

Is there a better solution?

Thanks

Labels:
0 Helpful
3 Replies 3

fanjianghao
Level 1
Level 1

‎06-20-2006 07:56 PM

You may try to use Lan-to-Lan VPN for long time tunnel up.

0 Helpful

fanjianghao
Level 1
Level 1

‎06-20-2006 10:25 PM

or you can try modify idle timer:

Rack01R2(config)#crypto ipsec security-association idle-time ?

<60-86400> Idle time at which IPSec SAs are deleted

0 Helpful

pkapoor
Level 3
Level 3

‎06-22-2006 05:22 AM

Under the crypto configuration for the client on the IOS router (e.g. crypto ipsec client ezvpn xyz123), set "mode network-extension". Further, you can also configure "connect auto" under the same sub-level.

Those are the equivalent of the PIX command.

0 Helpful
Customers Also Viewed These Support Documents