cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1796
Views
0
Helpful
3
Replies
Beginner

site to site vpn tunnel disconnect

Dear Cisco

I am using 5 Cisco 5505 ASA builed site to site VPN.

site B,C,D,E all site to site VPN to site A with only IKEv2 IPSEC configurartion.

Reading from Site A ASDM.  Monitoring VPN always can read all four site are connected.  But, I found that Site D and E the login time during reset time to time with few hours. 

1) I would like to know the login time during reset is normal or not?

2) any setup or configuration can fine tune the site to site VPN.  Make VPN tunnel more stable?

3) any menthod can monitor site to site VPN is health or not?

Thank you so much for your help

Alan.

1 ACCEPTED SOLUTION

Accepted Solutions
Advisor

site to site vpn tunnel disconnect

A. Typically the time is set to 86400 for expiration. It can also be set by amount of traffic

B. Yes. Try enabling IKE keepalives

C. Just checking the logs is all I know of

Here's a good doc on VPN's

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml

3 REPLIES 3
Advisor

site to site vpn tunnel disconnect

A. Typically the time is set to 86400 for expiration. It can also be set by amount of traffic

B. Yes. Try enabling IKE keepalives

C. Just checking the logs is all I know of

Here's a good doc on VPN's

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml

Beginner

site to site vpn tunnel disconnect

Dear Collin

How to enableing IKE keepalives?

By enter following command ?

#sysopt connection preserve-vpn-flows

or

#crypto isakmp policy 50 lifetime 0

Best regards

Alan.

Highlighted
Beginner

test posted unsuccess

test posted unsuccess