Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3120
Views
0
Helpful
3
Replies

site to site vpn tunnel disconnect

Go to solution
alan-wong
Level 1
Level 1

‎12-13-2012 05:58 AM

Dear Cisco

I am using 5 Cisco 5505 ASA builed site to site VPN.

site B,C,D,E all site to site VPN to site A with only IKEv2 IPSEC configurartion.

Reading from Site A ASDM.  Monitoring VPN always can read all four site are connected.  But, I found that Site D and E the login time during reset time to time with few hours. 

1) I would like to know the login time during reset is normal or not?

2) any setup or configuration can fine tune the site to site VPN.  Make VPN tunnel more stable?

3) any menthod can monitor site to site VPN is health or not?

Thank you so much for your help

Alan.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Collin Clark
VIP Alumni
VIP Alumni

‎12-13-2012 08:09 AM

A. Typically the time is set to 86400 for expiration. It can also be set by amount of traffic

B. Yes. Try enabling IKE keepalives

C. Just checking the logs is all I know of

Here's a good doc on VPN's

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Collin Clark
VIP Alumni
VIP Alumni

‎12-13-2012 08:09 AM

A. Typically the time is set to 86400 for expiration. It can also be set by amount of traffic

B. Yes. Try enabling IKE keepalives

C. Just checking the logs is all I know of

Here's a good doc on VPN's

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml

0 Helpful

Go to solution
alan-wong
Level 1
Level 1
In response to Collin Clark

‎12-13-2012 08:16 AM

Dear Collin

How to enableing IKE keepalives?

By enter following command ?

#sysopt connection preserve-vpn-flows

or

#crypto isakmp policy 50 lifetime 0

Best regards

Alan.

0 Helpful

Go to solution
alan-wong
Level 1
Level 1
In response to alan-wong

‎04-07-2014 02:51 AM

test posted unsuccess

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents