Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
526
Views
0
Helpful
0
Replies

Cisco 881 VPN Auto Reconnect

Brad Krakow
Level 1
Level 1

‎07-11-2017 04:58 AM

I have several Cisco 881 deployed in the field for VPN connectivity back to my main office.   When the ASA at the main office gets rebooted during routine maintenance, the Cisco 881 always have to be rebooted before they will re-establish a VPN connection.   Is there anything I can put in the config, that would allow the Cisco 881's to auto reconnect after the ASA has been rebooted?   Below is a copy of one of the configs.  Thanks in advance.

hostname TESTvpn

no logging buffered
enable secret 5 *********************

no aaa new-model
clock timezone EASTERN -5

crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 2

crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac

crypto ipsec client ezvpn VPN3000
 connect auto
 group CommunitySplitTunnel key ******
 mode network-extension
  peer Test.com default
    username TESTuser password ********
 xauth userid mode local

no ip dhcp use vrf connected
ip dhcp excluded-address 172.30.40.1
ip dhcp excluded-address 172.30.40.2
ip dhcp excluded-address 172.30.40.31 172.30.40.255
ip dhcp excluded-address 172.31.40.1 172.31.40.120


ip dhcp pool DHCP-Voice
   import all
   network 172.30.40.0 255.255.255.0
   default-router 172.30.40.1
   dns-server 10.10.10.45
   option 150 ip 192.168.64.14 192.168.64.15

ip dhcp pool DHCP-Data
   import all
   network 172.31.40.0 255.255.255.0
   default-router 172.31.40.1
  dns-server 10.10.10.45

ip domain lookup
ip name-server 8.8.8.8 8.8.4.4 208.67.222.222 208.67.220.220
ip domain name sun.ins

username admin privilege 15 password **************
archive
 log config
 hidekeys

ip tftp source-interface Vlan10

interface FastEthernet0
 switchport access vlan 10
 switchport mode access
 switchport voice vlan 1
no shut
 

interface FastEthernet1
 switchport access vlan 10
 switchport mode access
 switchport voice vlan 1
no shut
 

interface FastEthernet2
 switchport access vlan 10
 switchport mode access
 switchport voice vlan 1
no shut
 

interface FastEthernet3
 switchport access vlan 10
 switchport mode access
 switchport voice vlan 1
no shut
 

interface FastEthernet4
 description Connection-to-Internet$ES_WAN$
  ip address dhcp client-id FastEthernet4
  ip access-group 124 out
 ip virtual-reassembly
  load-interval 30
  duplex auto
  speed auto
    crypto ipsec client ezvpn VPN3000
 service-policy output Parent
no shut

interface Vlan1
 description Voice-VLAN
 ip address 172.30.40.1 255.255.255.0
 ip access-group 123 in
 no autostate
  crypto ipsec client ezvpn VPN3000 inside

interface Vlan10
 description Data-VLAN
 ip address 172.31.40.1 255.255.255.0
 ip virtual-reassembly
 ip tcp adjust-mss 1452
 no autostate
  crypto ipsec client ezvpn VPN3000 inside

ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 5 life 86400 requests 10000

access-list 100 permit ip 172.30.40.0 0.0.0.255 any
access-list 100 permit ip 172.31.40.0 0.0.0.255 any
access-list 123 permit ip any any dscp ef
access-list 123 permit ip any any
access-list 124 permit ip any any dscp ef
access-list 124 permit esp any any
access-list 124 permit ip any any
snmp-server community sunrw RW
snmp-server community sun RO


line con 0
 password 7 1330000B282D107B
 logging synchronous
 login local
 no modem enable
line aux 0
line vty 0 4
 password 7 0233134228271B70
 logging synchronous
 login local
 length 0
transport input all

scheduler max-task-time 5000


webvpn cef
end

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents