Hi, fellows,
I have some problems with making stable VPN between SRP512W and ISR1811.
Configuration:
- IKE policy - 3DES/SHA1 group2(1024bits)
- crypto map on ISR1811
One of the main issues I've noted appears when SRP loose it's IP connectivity to remote router, even if this connectivity interruption lasts for only couple of seconds. When the IP connectivity is restored SRP is unable to re-establish the IPSec session. There is connect/disconnect option in SRP menu (Status -> VPN Status -> Connect/Disconnect) and automatic VPN disable (VPN -> Site-to-Site VPN -> IKE policy -> Enable Dead Peer Detection) yet I couldn't found any option for nor automatic mechanism for VPN reconnection when the IP connectivity is reestablished. This issue lead to interruption of Site-to-Site VPN service when there is some short outages within the ISP network.
Another issue is building GRE tunnels between the same devices. Can you verify my configuration? Belive it or not - I spent more than 4-5 hours and couldn't do it.
ISR:
interface Tunnel1
ip address <Tunnel IP Address / NetMask>
tunnel source <ISR IP Address>
tunnel destination <SRP Address>
tunnel mode gre ip
SRP:
VPN -> GRE Tunnel -> Tunnel 1; WAN interface, destination IP, remote ip address/network /the tunnel seems up, but there are no IP connectivity and traffic flow
Should I make some additional settings/configurations ?