Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1549
Views
0
Helpful
1
Replies

Cannot enable DPD for site2site VPN.

valeriy.vainkop
Level 1
Level 1

‎04-10-2012 05:26 AM - edited ‎02-21-2020 04:36 AM

I have ASA 5510 on one side & 5505 on the other. Both have 8.4.3 ASA & 6.4.7 ASDM image.

When internet channel on the side of 5510 or 5505 goes down ASDM still shows that vpn is ok, but in fact it's not

After I manually right click on channel & logout it reconnects immediately & VPN reestablishes immediately too.

In ASDM in IPsec site2site connection profile ->tunnel group->monitor keepalives

Confidence interval: 10

Retry interval: 2

This is configured equally on both sides. For some reason it doen't work

When I try to configure it through telnet like this:

conf t

tunnel-group 222.222.222.221 ipsec-attributes

isakmp keepalive threshold 10 retry 2

write memory

It doesn't show any error, but I can't see this line in config when I show conf

Am I doing smth wrong? Plz correct me

0 Helpful
1 Reply 1

Pulkit Nagpal
Cisco Employee
Cisco Employee

‎04-14-2012 07:21 AM

moving this discssion to Security section for better response.

Regards,

Pulkit

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card